Trusted Identity Authentication Scheme Based On Mobile Terminal

With the development of mobile Internet,mobile terminals are increasingly important in the daily life,and with the prevalence of software as a service model,mounting mobile terminals use cloud services to perform corresponding functions.Identity authentication is a significant task in the use of mobile terminals to enjoy the convenient services and also an important component of network security.At present,mobile terminals mainly adopt the one-way static password,however,this authentication method exists many threats such as network eavesdropping,man-in-the-middle attack,replay attack,brute force attack,etc.Meanwhile,plenty of applications take remember the password,auto-login and other functions to reduce the amount of user's login,which may lead to non-user login and other risks.To solve the above-mentioned problems,this thesis designs a trusted identity authentication scheme based on mobile terminals composed of implicit authentication and explicit authentication.Aiming at illegal use of apps,this thesis proposes an implicit identity authentication based on multi-attribute decision making theory according to the stability of user behavior habit.By accumulating user behavior data,t his method normalizes the data,constructs the matrix of user 's normal behavior,obtains user 's habit vector through the matrix,gets attri bute weights through eigenvector method,conducts comprehensive evaluations,and finally generates the implicit identity authentication model.The implicit identity authentication based on multi-attribute decision making theory is a persistent method which is based on the stability of user behavior when using cloud services,its main function in the scheme is to supplement the explicit authentication.This thesis also puts forward a two-way dynamic password authentication scheme based on FIDO to deal with t he defects that one-way static authentication scheme has.The scheme contains an efficient two-way dynamic password protocol which combines symmetric encryption and asymmetric encryption to achieve two-way authentication between users and cloud services,d esigns a software token that contains FIDO to implement local biometric authentication simultaneously.The final scheme completes the security authentication of mobile terminal users and cloud services via combining the implicit authentication with explicit authentication.