Scientific Online Resource System

Izvestia Journal of the Union of Scientists - Varna. Economic Sciences Series

Methodological problems with using Qualified Electronic Signature and Universal 2 Factor in web applications

Petar Dimitrov

Abstract

This article aims to present some specific methodological features with using a Qualified Electronic Signature (QES) and Universal 2 Factor (U2F) technology for authentication in web applications. The legal basis, regulating using electronic signatures, is described. A comparison between the two technologies is made in the context of web applications and technical usage limitations for both technologies are described. Possible future developments of the U2F protocol in terms of usability and connectivity are discussed. Implementation of U2F authentication technology is proposed to be an additional layer of security in web applications, not only developed by the Bulgarian government, but also other web applications, requiring strong authentication.

Keywords

Qualified Electronic Signature, QES, Universal 2 Factor, U2F

Full Text


References

Илиев, П., Сълов, В., Петров, П. Виртуални системи. Монографична библиотека "Цани Калянджиев", Варна: Наука и икономика, 2010.

Петров, П. Управление на информационната безопасност. Математика и информатика - реалности и перспективи, Варна: СМБ/ВСУ "Черноризец Храбър", 2007.

Трифонов, Т., Защита на информацията и приложна криптография, електронен учебник

A. Barth, The Web Origin Concept (RFC 6454), IETF, 2011. Available at: http://www.ietf.org/rfc/rfc6454.txt

D. Balfanz, FIDO U2F Implementation Considerations, 2017. Available at: https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-implementation-considerations-v1.2-ps-20170411.pdf

D. Balfanz, FIDO U2F Raw Message Formats, 2017.

Maxim Sovetkin, Considerations for Adding FIDO U2F to Your Security Protocol, 10.01.2017. Available at: https://www.esecurityplanet.com/windows-security/considerations-for-adding-fido-u2f-to-your-security-protocol-1.html

S. Srinivas, D. Balfanz, E. Tiffany, FIDO U2F Overview, 2017. Available at: https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-overview-v1.2-ps-20170411.pdf

R. Lindemann, D. Baghdasaryan, B. Hill, J. Hodges, FIDO Technical Glossary, 2017. Available at: https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-glossary-v1.2-ps-20170411.pdf

William E. Burr, Donna F. Dodson, Elaine M. Newton, Ray A. Perlner, W. Timothy Polk, Sarbari Gupta, Emad A. Nabbus, Electronic Authentication Guideline, 2013. Available at: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63-2.pdf


Refbacks

Font Size


|