Research And Application Of The Dynamic Password Authentication Based On Mobile Phone For E-government

With the rapid development of the network information technology, more and morepeople feel that they can not do their work without information technology. Thegovernment departments gradually can not handle official business without e-government.E-government is using the modern information and communication technologies to gatherservices and management through network technology,and e-government greatly improvethe efficiency of the government departments. Due to the openness of the network, varioussecurity issues are a threat to the e-government. In order to build a secure and reliablee-government system,we must need to solve the authentication problem first.The staticpassword authentication is widely used,but this mechanism has serious security bugs.It isunable to match the high security requirements of the e-government. Dynamic passwordauthentication method can solve the security problems brought by the static passwordauthentication method. General dynamic password needed hardware device as a carrier,butnormally a hardware device is lack of a communication module,can not communicateswith the authentication server.Leads to the out-of-sync problem between hardware andauthentication server,and is implemented by Android platform.With the development of mobile Internet,the handling of smart phone and capacityability increased dramatically,the smart phone also brings us a wide variety of mobileapplication software. This paper proposed a dynamic password authentication methodbased on time synchronization,and according to the functional requirements of thee-government network,this paper designs a kind of security SMS transport protocol tointeractive data between SMS server and anthentication server implementing a serialsservice such as starting the authentication service,canceling the authentication service,synchronizing the service,alarming and tracking.Instant message server can exchangeinformation with mobile via SMS server at the same time.The authenticaton server usesWebService technology to provide external authentication interface for the subsystem ofthe e-government.