A Method of Risk Assessment for Multi-Factor Authentication

被引:26
|
作者
Kim, Jae-Jung [1 ]
Hong, Seng-Phil [1 ]
机构
[1] Sungshin W Univ, Dept Comp Sci, Informat Secur Lab, Seoul, South Korea
来源
JOURNAL OF INFORMATION PROCESSING SYSTEMS | 2011年 / 7卷 / 01期
关键词
Multi-factor Authentication; PKI; User Authentication; Biometric Authentication;
D O I
10.3745/JIPS.2011.7.1.187
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
User authentication refers to user identification based on something a user knows, something a user has, something a user is or something the user does; it can also take place based on a combination of two or more of such factors. With the increasingly diverse risks in online environments, user authentication methods are also becoming more diversified. This research analyzes user authentication methods being used in various online environments, such as web portals, electronic transactions, financial services and e-government, to identify the characteristics and issues of such authentication methods in order to present a user authentication level system model suitable for different online services. The results of our method are confirmed through a risk assessment and we verify its safety using the testing method presented in OWASP and NIST SP800-63.
引用
收藏
页码:187 / 198
页数:12
相关论文
共 50 条
  • [1] Multi-observed Multi-factor Authentication: A Multi-factor Authentication Using Single Credential
    Nozaki, Shinnosuke
    Serizawa, Ayumi
    Yoshihira, Mizuho
    Fujita, Masahiro
    Shibata, Yoichi
    Yamanaka, Tadakazu
    Matsuda, Nori
    Ohki, Tetsushi
    Nishigaki, Masakatsu
    [J]. ADVANCES IN NETWORK-BASED INFORMATION SYSTEMS, NBIS-2022, 2022, 526 : 201 - 211
  • [2] Multi-Factor Authentication as a Service
    Shah, Yogendra
    Choyi, Vinod
    Schmidt, Andreas U.
    Subramanian, Lakshmi
    [J]. 2015 3RD IEEE INTERNATIONAL CONFERENCE ON MOBILE CLOUD COMPUTING, SERVICES, AND ENGINEERING (MOBILECLOUD 2015), 2015, : 144 - 150
  • [3] MULTI-FACTOR AUTHENTICATION MODELLING
    Dostalek, L.
    Safarik, J.
    [J]. RADIO ELECTRONICS COMPUTER SCIENCE CONTROL, 2020, (02) : 106 - 116
  • [4] Multi-Factor Authentication: A Survey
    Ometov, Aleksandr
    Bezzateev, Sergey
    Makitalo, Niko
    Andreev, Sergey
    Mikkonen, Tommi
    Koucheryavy, Yevgeni
    [J]. CRYPTOGRAPHY, 2018, 2 (01) : 1 - 31
  • [5] Multi-Factor Authentication on Cloud
    Khan, Salman H.
    Akbar, M. Ali
    [J]. 2015 INTERNATIONAL CONFERENCE ON DIGITAL IMAGE COMPUTING: TECHNIQUES AND APPLICATIONS (DICTA), 2015, : 548 - 554
  • [6] Mobile Multi-Factor Authentication
    Bissada, Andrew
    Olmsted, Aspen
    [J]. 2017 12TH INTERNATIONAL CONFERENCE FOR INTERNET TECHNOLOGY AND SECURED TRANSACTIONS (ICITST), 2017, : 210 - 211
  • [7] Multi-Factor Authentication Modeling
    Dostalek, Libor
    [J]. 2019 9TH INTERNATIONAL CONFERENCE ON ADVANCED COMPUTER INFORMATION TECHNOLOGIES (ACIT'2019), 2019, : 443 - 446
  • [8] A Study of Multi-Factor and Risk-Based Authentication Availability
    Gavazzi, Anthony
    Williams, Ryan
    Kirda, Engin
    Lu, Long
    King, Andre
    Davis, Andy
    Leek, Tim
    [J]. PROCEEDINGS OF THE 32ND USENIX SECURITY SYMPOSIUM, 2023, : 2043 - 2060
  • [9] A Score Fusion Method by Neural Network in Multi-Factor Authentication
    Matsuoka, Katsuya
    Irvan, Mhd
    Kobayashi, Ryosuke
    Yamaguchi, Rie Shigetomi
    [J]. PROCEEDINGS OF THE TENTH ACM CONFERENCE ON DATA AND APPLICATION SECURITY AND PRIVACY, CODASPY 2020, 2020, : 147 - 149
  • [10] Spectroscopically enhanced method and system for multi-factor biometric authentication
    Pishva, Davar
    [J]. IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS, 2008, E91D (05): : 1369 - 1379
12345