Title

Synchronize Confidential Authentication (SCA)

Document Type

Conference Proceeding

Publication Date

2014

Publication Title

Proceedings of the 2014 ASEE North Central Section Conference

Abstract

Digital identity management is one that is becoming an integral part of our lives, as consumers and businesses rely more and more on online transactions for daily tasks, such as banking, shopping, and bill payment. These transactions crucially depend on networked computer systems to communicate sensitive identity data across personal, company, and enterprise boundaries. Like regular offline transactions, identity theft is always a threat. And it is known that in the digital world, there is nothing that is 100% secure. In this paper, we propose Synchronize Confidential Authentication model that resembles the real world notary service only to become a part of online transactions authentication through a trusted third party referred to as Certificate Authority whose responsibilities are clearly defined. Our proposed model binds confidential pair of keys to remote user/server, no key exchange algorithm needed and presents a new protocol for mutual identity authentication using client authentication flow with variations in its implementation from existing models in the literature that can be summarized in two points: using generation of related pair of confidential keys for user and server instead of using the public key in the client authentication flow and re-generation of new confidential keys based on a time interval as requested by the requestor from Certificate Authority.