Research Article Open Access

Two Factor Authentication for e-Government Services using Hardware-Like One Time Password Generators

Giuseppe Della Penna1, Pietro Frasca2 and Benedetto Intrigila2
  • 1 University of L’Aquila, Italy
  • 2 University of Rome “Tor Vergata”, Italy
Journal of Computer Science
Volume 15 No. 1, 2019, 171-189

DOI: https://doi.org/10.3844/jcssp.2019.171.189

Submitted On: 17 October 2018 Published On: 26 January 2019

How to Cite: Penna, G. D., Frasca, P. & Intrigila, B. (2019). Two Factor Authentication for e-Government Services using Hardware-Like One Time Password Generators. Journal of Computer Science, 15(1), 171-189. https://doi.org/10.3844/jcssp.2019.171.189

Abstract

A safe and accessible authentication technique is a prerequisite for any modern e-government application. Two-factor authentication is currently widely adopted, since it alleviates many vulnerabilities of password-based authentication. The majority of e-government systems currently make use of text messages to deliver the second authentication factor, but these messages do not constitute an adequate (secure and reliable) solution. In this paper we show how to use One-Time Passwords (OTP) generated by a per-user, ad-hoc built application installed on a smartphone to support a two-factor authentication scheme specifically targeted to e-government tasks. In particular, we develop a process for the request, generation and distribution of such an application that achieves the same security of OTP hardware devices but avoids the related distribution and management costs, requiring no dedicated hardware and relying on the pre-existing administrative infrastructure. The process is designed to be accessible by any citizen who is able to perform very basic operations on a smartphone.

  • 869 Views
  • 579 Downloads
  • 0 Citations

Download

Keywords

  • E-Government Services
  • Service Accessibility
  • Two-Factor Authentication
  • One-Time Password
  • Mobile Applications