Protecting Mobile Service User Identity by Adding Additional Security Layer
| dc.contributor.author | Erdemir, Utku | |
| dc.contributor.author | Coşkun, Vedat | |
| dc.contributor.author | Buk, Onur | |
| dc.contributor.author | Mantar, Hacı Ali | |
| dc.contributor.author | Köse, Büşra Özdenizci | |
| dc.date.accessioned | 2024-03-13T09:49:59Z | |
| dc.date.available | 2024-03-13T09:49:59Z | |
| dc.date.issued | 2021 | |
| dc.department | İstanbul Beykent Üniversitesi | en_US |
| dc.description.abstract | Today, various common identity systems (e.g. Facebook Login, Google Connect, Apple ID) are used to improve operational efficiency for service providers and provide an easier authentication method in web or mobile services for users. Almost all common identity systems focus on delivering seamless user experience while proving user identity securely to the service provider. In particular, the use of common identity systems with a high security level is becoming a more important requirement on smartphones. In this context, MNOs (Mobile Network Operators) are considered as an important actor in providing common identity services, as they have strong GSM capabilities. Currently, it is possible to see many identity management solutions -based on OpenID Connect and Mobile Connect standards- from MNOs which are used for authentication in mobile applications of service providers. However, existing solutions generally does not provide very high level of assurance in the asserted digital identity. With advancements in value-added mobile services and increasing security requirements; there is a need for common identity systems that provide higher levels of assurance (i.e., particularly LoA4), strong authentication and non-repudiation services for service providers and users. This study presents the development and implementation of a multi-factor authentication method for mobile services based on Mobile Connect and OpenID Connect standards. The designed model includes the usage of three identity -knowledge, ownership, biometric- factors of user in order to access sensitive mobile services on the smartphone. The system development and testing studies were systematically presented based on the functional requirements. The realization and deployment of the proposed model by MNOs could play an important role in the development of mobile services that require a high level of assurance in the future. | en_US |
| dc.identifier.doi | 10.31590/ejosat.833433 | |
| dc.identifier.endpage | 30 | en_US |
| dc.identifier.issn | 2148-2683 | |
| dc.identifier.issue | 23 | en_US |
| dc.identifier.startpage | 22 | en_US |
| dc.identifier.trdizinid | 1174746 | en_US |
| dc.identifier.uri | https://doi.org/10.31590/ejosat.833433 | |
| dc.identifier.uri | https://search.trdizin.gov.tr/yayin/detay/1174746 | |
| dc.identifier.uri | https://hdl.handle.net/20.500.12662/2376 | |
| dc.identifier.volume | 0 | en_US |
| dc.indekslendigikaynak | TR-Dizin | en_US |
| dc.language.iso | en | en_US |
| dc.relation.ispartof | Avrupa Bilim ve Teknoloji Dergisi | en_US |
| dc.relation.publicationcategory | Makale - Ulusal Hakemli Dergi - Kurum Öğretim Elemanı | en_US |
| dc.rights | info:eu-repo/semantics/openAccess | en_US |
| dc.title | Protecting Mobile Service User Identity by Adding Additional Security Layer | en_US |
| dc.type | Article | en_US |
