Mobile user authentication system in cloud environment


Correspondence: Bing-Chang Chen, Department of Information and Communication, Southern Taiwan University of Science and Technology, Tainan, Taiwan.



In order to reach a safe environment that can be automatically used on the Internet and to take precautions against the Internet fishing attack, the system integrates some features including one-time password, Completely Automated Public Turing Test to tell Computers and Humans Apart, voiceprint identification of creatural features, and visual cryptography, designing a formula wherein users do not need to remember any accounts and passwords when they surf the Internet through mobile devices, and it aims at smart phones and the Cloud. The formula is able to improve the problems of rampant Internet fishing and the management of passwords. In techniques, on one hand, it uses PIN information visual passwords in cell phones to improve the security of the account; on the other hand, it uses voiceprint identification features so that the system center can ensure the user's identification with a view to improve the leak in mobile devices rather than only to check mobile devices. And then, it utilizes the voiceprint, which we use when we log in, to produce a one-time password that is able to lower the risk of the account and passwords being attacked by Internet fishing. Through the frame of this research, it can protect our cell phones from being lost and embezzled and can prevent the account and passwords from being attacked by Internet fishing. It can also solve the problem of users forgetting accounts and passwords, and reduce the operational burden of cell phones. Besides, it is capable of preventing the Cloud servers from incurring many malicious registrations and logins, keeping them working efficiently. Copyright © 2012 John Wiley & Sons, Ltd.