Design And Realization Of Dual-factor Authentication Mechanism Based On Bluetooth

Each system has several roles, and each role owns different authorities and functions.Identify authentication and access control is the process of system confirming who you are and allocating corresponding authorities.Identify authentication is applied to judge the identifies of systems’visitors and it allows legal users to enter. Then access control determines accessing and using authorities of users.The two steps make sure that the access mechanism of computer and network systems can be run in reliable and safe environment. At the same time, they can prevent attackers, who imitate legal users, to gain access permissions of related resources and make sure the security of systems and data and legal benefits of users. Whether the process of identify authentication meets the safety requirements directly related to the security of systems and data. Currently, numerous techniques are applied to identify authentication, such as static password, dynamic code, USB KEY, biometric, dual-factor authentication and so on.However there is a certain problem with these techniques such as too simple static password is insecure, high-cost USB KEY, biometric technology is not perfect and other issues.The thesis proposes a dual-factor authentication mechanism to deal with the identify authentication security issues of websites and existed technical issues.The mechanism mainly applies close range bluetooth wireless technology, and the prototype system is realised on Android platform and computer.The system establishes a connection between the bluetooth on cell phone and the bluetooth in computer.The unique bluetooth identify password is setted when the visitor makes a registration.In addition to static the user name and password, the user need to input bluetooth password gained from cell phone when the user is logging in to realise the dual authentications.After successful authentication, the user can log in the system and get corresponding authorities.The system not only guarantees that the user can make wireless authentication on the computer by using the bluetooth on cell phone, but also can avoid potential safety problems effectively when users leave without logging out.The bluetooth will disconnect when the user leaves the computer after 10 meters. And the background of the system will test the existence of bluetooth connection when the system refreshes pages or submits data.If the connection is disconnected, the system will redirect to log-in page automatically to protect the informational security of users.This system can help people to simplify the procedure of logging in and save cost by using prevalent and cheap bluetooth modules in cell phones.The system of identify authentication, which has the features of low cost and high security, can complete related authentication works to enhance the identify authentication security of websites through the short-range wireless information exchange between bluetooth adapters and computers.What’s more, it has broad prospects with a strong use value.