• Title/Summary/Keyword: Multi-factor Authentication

Search Result 13, Processing Time 0.208 seconds

Multi-Factor Authentication System based on Software Secure Card-on-Matching For Secure Login (안전한 로그인을 위한 소프트 보안카드 기반 다중 인증 시스템)

  • Lee, Hyung-Woo
    • The Journal of the Korea Contents Association
    • /
    • v.9 no.3
    • /
    • pp.28-38
    • /
    • 2009
  • Login process uses both ID and password information to authenticate someone and to permit its access privilege on system. However, an attacker can get those ID and password information by using existing packet sniffing or key logger programs. It cause privacy problem as those information can be used as a hacking and network attack on web server and web e-mail system. Therefore, a more secure and advanced authentication mechanism should be required to enhance the authentication process on existing system. In this paper, we propose a multi-factor authentication process by using software form of secure card system combined with existing ID/Password based login system. Proposed mechanism uses a random number generated from the his/her own handset with biometric information. Therefore, we can provide a one-time password function on web login system to authenticate the user using multi-factor form. Proposed scheme provide enhanced authentication function and security because it is a 'multi-factor authentication mechanism' combined with handset and biometric information on web login system.

Internet Banking Login with Multi-Factor Authentication

  • Boonkrong, Sirapat
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.11 no.1
    • /
    • pp.511-535
    • /
    • 2017
  • Internet banking is one of many services provided by financial institutions that have become very popular with an increasing trend. Due to the increased amount of usage of the service, Internet banking has become a target from adversaries. One of the points that are at risk of an attack is the login process. Therefore, it is necessary to have a security mechanism that can reduce this risk. This research designs and develops a multi-factor authentication protocol, starting from a registration system, which generates authentication factors, to an actual authentication mechanism. These factors can be categorised into two groups: short term and long term. For the authentication protocol, only three messages need to be exchanged between a client and a financial institution's server. Many cryptographic processes are incorporated into the protocol, such as symmetric and asymmetric cryptography, a symmetric key generation process, a method for generating and verifying digital signatures. All of the authentication messages have been proved and analysed by the logic of GNY and the criteria of OWASP-AT-009. Even though there are additional factors of authentication, users do not really feel any extra load on their part, as shown by the satisfactory survey.

A Method of Risk Assessment for Multi-Factor Authentication

  • Kim, Jae-Jung;Hong, Seng-Phil
    • Journal of Information Processing Systems
    • /
    • v.7 no.1
    • /
    • pp.187-198
    • /
    • 2011
  • User authentication refers to user identification based on something a user knows, something a user has, something a user is or something the user does; it can also take place based on a combination of two or more of such factors. With the increasingly diverse risks in online environments, user authentication methods are also becoming more diversified. This research analyzes user authentication methods being used in various online environments, such as web portals, electronic transactions, financial services and e-government, to identify the characteristics and issues of such authentication methods in order to present a user authentication level system model suitable for different online services. The results of our method are confirmed through a risk assessment and we verify its safety using the testing method presented in OWASP and NIST SP800-63.

Access Management Using Knowledge Based Multi Factor Authentication In Information Security

  • Iftikhar, Umar;Asrar, Kashif;Waqas, Maria;Ali, Syed Abbas
    • International Journal of Computer Science & Network Security
    • /
    • v.21 no.7
    • /
    • pp.119-124
    • /
    • 2021
  • Today, both sides of modern culture are decisively invaded by digitalization. Authentication is considered to be one of the main components in keeping this process secure. Cyber criminals are working hard in penetrating through the existing network channels to encounter malicious attacks. When it comes to enterprises, the company's information is a major asset. Question here arises is how to protect the vital information. This takes into account various aspects of a society often termed as hyper connected society including online communication, purchases, regulation of access rights and many more. In this research paper, we will discuss about the concepts of MFA and KBA, i.e., Multi-Factor Authentication and Knowledge Based Authentication. The purpose of MFA and KBA its utilization for human.to.everything..interactions, offering easy to be used and secured validation mechanism while having access to the service. In the research, we will also explore the existing yet evolving factor providers (sensors) used for authenticating a user. This is an important tool to protect data from malicious insiders and outsiders. Access Management main goal is to provide authorized users the right to use a service also preventing access to illegal users. Multiple techniques can be implemented to ensure access management. In this paper, we will discuss various techniques to ensure access management suitable for enterprises, primarily focusing/restricting our discussion to multifactor authentication. We will also highlight the role of knowledge-based authentication in multi factor authentication and how it can make enterprises data more secure from Cyber Attack. Lastly, we will also discuss about the future of MFA and KBA.

CCTV-Based Multi-Factor Authentication System

  • Kwon, Byoung-Wook;Sharma, Pradip Kumar;Park, Jong-Hyuk
    • Journal of Information Processing Systems
    • /
    • v.15 no.4
    • /
    • pp.904-919
    • /
    • 2019
  • Many security systems rely solely on solutions based on Artificial Intelligence, which are weak in nature. These security solutions can be easily manipulated by malicious users who can gain unlawful access. Some security systems suggest using fingerprint-based solutions, but they can be easily deceived by copying fingerprints with clay. Image-based security is undoubtedly easy to manipulate, but it is also a solution that does not require any special training on the part of the user. In this paper, we propose a multi-factor security framework that operates in a three-step process to authenticate the user. The motivation of the research lies in utilizing commonly available and inexpensive devices such as onsite CCTV cameras and smartphone camera and providing fully secure user authentication. We have used technologies such as Argon2 for hashing image features and physically unclonable identification for secure device-server communication. We also discuss the methodological workflow of the proposed multi-factor authentication framework. In addition, we present the service scenario of the proposed model. Finally, we analyze qualitatively the proposed model and compare it with state-of-the-art methods to evaluate the usability of the model in real-world applications.

다중 요소 인증에 사용 가능한 행위기반 바이오 인증

  • Sa, Kyeong-Jin;Woo, Jae-Yeon;Youm, Heung-Youl
    • Review of KIISC
    • /
    • v.26 no.6
    • /
    • pp.51-57
    • /
    • 2016
  • IT 기술의 발달로 다양한 인터넷 서비스를 사용하게 되면서 개인정보의 유출 등 위협이 증가하고 있다. 이에 개인정보의 중요도가 높아지면서 정보보안에 대한 관심도 높아지고 있다. 현재까지 많이 사용되고 있는 인증기술들은 단일 요소 인증으로 다중 인증(multi-factor authentication) 기술에 비하면 취약하다. 본 논문에서는 행위기반 바이오 인증 기술들 중 다중 인증을 하는데 이용 가능한 기술들에 대해 분석하고, 특성을 제시한다.

Data Block based User Authentication for Outsourced Data (아웃소싱 데이터 보호를 위한 데이터 블록 기반의 상호 인증 프로토콜)

  • Hahn, Changhee;Kown, Hyunsoo;Kim, Daeyeong;Hur, Junbeom
    • Journal of KIISE
    • /
    • v.42 no.9
    • /
    • pp.1175-1184
    • /
    • 2015
  • Recently, there has been an explosive increase in the volume of multimedia data that is available as a result of the development of multimedia technologies. More and more data is becoming available on a variety of web sites, and it has become increasingly cost prohibitive to have a single data server store and process multimedia files locally. Therefore, many service providers have been likely to outsource data to cloud storage to reduce costs. Such behavior raises one serious concern: how can data users be authenticated in a secure and efficient way? The most widely used password-based authentication methods suffer from numerous disadvantages in terms of security. Multi-factor authentication protocols based on a variety of communication channels, such as SMS, biometric, or hardware tokens, may improve security but inevitably reduce usability. To this end, we present a data block-based authentication scheme that is secure and guarantees usability in such a manner where users do nothing more than enter a password. In addition, the proposed scheme can be effectively used to revoke user rights. To the best of our knowledge, our scheme is the first data block-based authentication scheme for outsourced data that is proven to be secure without degradation in usability. An experiment was conducted using the Amazon EC2 cloud service, and the results show that the proposed scheme guarantees a nearly constant time for user authentication.

A Design and Implementation of User Authentication System using Biometric Information (바이오 정보를 이용한 사용자 인증 시스템 설계 및 구현)

  • Lee, Hyung-Woo;Park, Yeong-Joon
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.11 no.9
    • /
    • pp.3548-3557
    • /
    • 2010
  • Security enhancement technologies are required to preventing phishing and pharming attacks on Internet banking. One-time password(OTP) should be used with certificate for enhancing user authentication and security performance. However, existing OTP technique is weak on MITM(Man-In-The-Middle) attack and synchnonization should be provided on OTP system. Therefore, more advanced mechanism such as combining biometic data with OTP can be suggested to enhancing security on authentication system. In this paper, we designed and implemented a multifactor authentication system using one-time biometric template to generate unique authentication data after adapting biometric transform on each user's biometric data.

A Study on The Improvement of User Authentication using the Facial Recognition and OTP Technique in the Mobile Environment (모바일 환경에서 OTP기술과 얼굴인식 기술을 이용한 사용자 인증 개선에 관한 연구)

  • Huh, Seung-Pyo;Lee, Dae-Sung;Kim, Kui-Nam
    • Convergence Security Journal
    • /
    • v.11 no.3
    • /
    • pp.75-84
    • /
    • 2011
  • With the rapid development of mobile technology the use of smartphone is spreading. In order to activate mobile banking and market in the future, the most important key is a secure financial transactoin. However, because many apps are developed without security check in proportional to the spread of smartphone, security threat is inevitably high. Current smartphone banking is processed as the way of the existing public certificate or OTP technique in the mobile environment, but many security hole about current technology is pointed out steadily. Therefore, in this paper we are to improve a existing security hole by reinforcing the security through multi-factor authentication and providing a physical non-repudiation.

OTP-Based Transaction Verification Protocol Using PUFs (PUF를 이용한 OTP 기반 거래 검증 프로토콜)

  • Lee, Jonghoon;Park, Minho;Jung, Souhwan
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.38B no.6
    • /
    • pp.492-500
    • /
    • 2013
  • The One-Time Password(OTP) Generator is used as a multi-factor authentication method to ensure secure transaction during e-Financial transaction in the bank and securities company. The OTP based e-Financial Transaction Verification Protocol ensures secure e-financial transaction through confirming the user's identity using OTP authentication information and counters not only Man-in-the-Browser(MITB) attacks but also memory hacking attacks. However, it is possible to generate correct OTPs due to potential of stealing sensitive information of the OTP generator through intelligent phishing, pharming, social engineering attacks. Therefore, it needs another scheme to prevent from above threats, and this paper proposes advanced scheme using Physical Unclonable Functions(PUFs) to solve these problems. First, it is impossible to generate the same OTP values because of the hysically unclonable features of PUFs. In addition, it is impossible to clone OTP generator with hardware techniques. Consequently, the proposed protocol provides stronger and more robust authentication protocol than existing one by adding PUFs in the OTP generator.