MULTI-FACTOR AUTHENTICATION MODELLING
The result's identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F49777513%3A23520%2F20%3A43960650" target="_blank" >RIV/49777513:23520/20:43960650 - isvavai.cz</a>
Result on the web
<a href="http://ric.zntu.edu.ua/issue/view/12587" target="_blank" >http://ric.zntu.edu.ua/issue/view/12587</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.15588/1607-3274-2020-2-11" target="_blank" >10.15588/1607-3274-2020-2-11</a>
Alternative languages
Result language
angličtina
Original language name
MULTI-FACTOR AUTHENTICATION MODELLING
Original language description
Context. Currently, institutions and companies face massive cyber-attacks. Attacks are always focused on some authentication weakness that is part of a particular authentication protocol. In the event of an attack, it is necessary to respond flexibly to the weakening of authentication mechanisms. In the event of an attack, it is necessary to quickly identify the affected authentication factor and its importance to temporarily weaken. Subsequently, it is possible to detect the affected weakness and weaken the meaning of only the algorithms showing this weakness. Algorithms that do not show this weakness should be left unchanged. This paper introduces a mathematics model of authentication. By quick changing the model parameters, we can flexibly adapt the use of authentication means to the situation. Objective. The purpose of this work is to propose a method that will allow to quantify the strength (quality) of authentication. In order it will be possible to dynamically change the authentication method depending on the current risks of attacks. Method. The method is to design a mathematical model and its simulation. The model is then based on the sum of the strengths of the individual authentication factors. A risk-based mechanism is used to determine model parameters. Results. The paper then demonstrates the simulation results using commonly used authentication means. The paper then demonstrates the simulation results using commonly used authentication means: password, hardware based one-time password, device fingerprint, external authentication, and combination of this methods. Simulations have shown that using this mathematical model makes it easy to model the use of authentication resources. Conclusions. With this model, it seems easy to model different security situations. In the real situation, the model parameters will need to be refined as part of the feedback assessment of the established security incidents.
Czech name
—
Czech description
—
Classification
Type
J<sub>imp</sub> - Article in a specialist periodical, which is included in the Web of Science database
CEP classification
—
OECD FORD branch
10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)
Result continuities
Project
—
Continuities
S - Specificky vyzkum na vysokych skolach
Others
Publication year
2020
Confidentiality
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Data specific for result type
Name of the periodical
Radio Electronics, Computer Science, Control
ISSN
1607-3274
e-ISSN
—
Volume of the periodical
Neuveden
Issue of the periodical within the volume
2
Country of publishing house
UA - UKRAINE
Number of pages
11
Pages from-to
106-116
UT code for WoS article
000567413600011
EID of the result in the Scopus database
—