Newsletter 高速鐵路簡訊 . 交通部高速鐵路工程局
CCR全景盤展現A16-A21站間列車運行狀況 Introduction to the OTP Security Verification System in BOHSR
本局雲端服務整合MOTP動態密碼架構圖。

為強化雲端服務資安考量與使用便利性,本局已於103年12月進行雲端服務整合,將MOTP(Mobile One Time Password)動態密碼系統與現有系統認證機制相互結合,藉由雙因素認證機制的導入,可更安全的提供本局長官及同仁Anywhere、Anytime、Any device、Any service 之使用本局內部資訊系統(例如:軟體分享、公文漫遊、雲端列印及行動辦公)。
有關本局雲端服務整合MOTP動態密碼架構如圖,使用者登入雲端服務整合MOTP動態密碼,將先進入本局網域帳號密碼,整合之系統將針對外部使用者提供「一次性動態密碼鎖MOTP」動態密碼系統進行雙因素認證。每當使用者由外部登入服務平台通過網域個人帳號與密碼認證後,服務平台需即時提供OTP一次性密碼輸入介面。

To strengthen information security and user-friendly characteristics of the cloud service, BOHSR conducted the cloud service integration in Dec. 2014. To achieve the goal of "Anywhere, Anytime, Any device and Any service" for the IT system (eg. Application software sharing, official Cloud Service, Cloud Printing and Mobile office), the bi-factor verification mechanism was induced by combining the Mobile One Time Password (MOTP) and the current verification system.
The MOTP verification structure is briefed as figure 1. When the user logs into the BOHSR system, they first use the BOHSR username/password to log on to the server. Then, the integrated cloud system provides a MOTP for external user to process bi-factor verification. Further on, when the user logs on using an external device, the cloud provides a set of OTP for the platform subsequent to the user's username/password verification.

  • 分享: