Advertisement

Multi-Factor Authentication

More secure approach towards authenticating individuals
  • Dipankar Dasgupta
  • Arunava Roy
  • Abhijit Nag
Chapter
Part of the Infosys Science Foundation Series book series (ISFS)

Abstract

Multi-Factor authentication (MFA) is a secure process of authentication which requires more than one authentication technique chosen from independent categories of credentials. Like single factor, multi-factor is increasingly used to verify the users’ identities in accessing the cyber system and information. MFA combines two or more types of authentication to provide better and secure way of authenticating users.

References

  1. 1.
    Multi-factor Authentication (2016) Accessed date: 01 Dec 2016. http://searchsecurity.techtarget.com/definition/multifactor-authentication-MFA
  2. 2.
    Multifactor authentication examples and business case scenarios (2016) Accessed date: 01 Dec 2016. URL: http://searchsecurity.techtarget.com/feature/The-fundamentals-of-MFA-The-business-case-for-multifactor-authentication
  3. 3.
    Anderson T (2014) Why multi-factor authentication is a security best practice. Access date: 01 Dec 2016. URL: http://www.scmagazineuk.com/why-multi-factor-authentication-is-a-security-best-practice/article/373462/
  4. 4.
    Pascual A, Miller S (2015) 2015 Identity fraud: protecting vulnerable populations. Accessed Date: 01 Dec 2016. URL: https://www.javelinstrategy.com/brochure/347
  5. 5.
    Identity Theft and Cybercrime (2015) Access date: 01 Dec 2016. URL: http://www.iii.org/fact-statistic/identity-theft-and-cybercrime
  6. 6.
    SafeNet (2014) 2014 authentication survey. Accessed: 01 Dec 2016. URL: http://www.safenet-inc.com/resources/data-protection/2014-authentication-survey-executive-summary/
  7. 7.
    Laurello J (2013) Q&A: challenges, benefits of implementing single sign-on in hospitals. Accessed: 01 Dec 2016. URL: http://searchhealthit.techtarget.com/feature/QA-Challenges-benefits-of-implementing-single-sign-on-in-hospitals
  8. 8.
    Villanueva JC (2014) 5 big business benefits of using sso (Single Sign-on). Access date: 01 Dec 2016. URL: http://www.jscape.com/blog/bid/104856/5-Big-Business-Benefits-of-Using-SSO-Single-Sign-On
  9. 9.
    Blattner N (2014) Password self help—password reset for IBM i. Accessed: 01 Dec 2016. URL: http://www.ibmsystemsmag.com/pdfs/PasswordSelfHelp—Password-Reset-for-IBM-i/
  10. 10.
    Peterson T (2013) Moving single sign-on (SSO) beyond convenience. Accessed: 01 Dec 2016. URL: file:///C:/Users/Abhijit/Downloads/moving-single-sign-on-beyond-convenience-13757.pdfGoogle Scholar
  11. 11.
    Lawton S (2015) Secure authentication with single sign-on (SSO) solutions. Accessed: 01 Dec 2016. URL: http://www.tomsitpro.com/articles/single-sign-on-solutions,2-853.html
  12. 12.
    FIDO (2015) History of FIDO alliance. Accessed: 01 Dec 2016. URL: https://fidoalliance.org/about/
  13. 13.
    FIDO (2015) Members: bringing together an ecosystem. Accessed: 01 Dec 2016. URL: https://fidoalliance.org/membership/members/
  14. 14.
    FIDO (2015) Specifications overview. Accessed: 01 Dec 2016. URL: https://fidoalliance.org/specifications/overview/
  15. 15.
    CA Technologies (2015) CA strong authentication. Accessed: 01 Dec 2016. URL: http://www.ca.com/us/securecenter/ca-strong-authentication.aspx
  16. 16.
    CA Technologies (2013) Deliver secure, new business services in a multi-channel customer environment. Accessed date: 01 Dec 2016Google Scholar
  17. 17.
    CA Technologies (2015) CA strong authentication data sheet. Accessed date: 01 Dec 2016. URL: http://www.ca.com/us/~/media/Files/DataSheets/ca-strong-authentication.PDF
  18. 18.
    Okta (2015) Introducing Okta adaptive MFA. Accessed date: 01 Dec 2016. URL: https://www.okta.com/product/adaptive-mfa/
  19. 19.
    Okta (2015) Enabling just in time provisioning. Accessed date: 01 Dec 2016. URL: https://support.okta.com/articles/Knowledge_Article/27715118-Enabling-Just-In-Time-Provisioning?fs=RelatedArticle&l=en_US
  20. 20.
    Vasco (2015) IDENTIKEY authentication server 3.8. Accessed date: 01 Dec 2016. URL: https://www.vasco.com/Images/IDENTIKEY-Authentication-Server-3.8-Datasheet-(II).pdf
  21. 21.
    Vasco (2014) IDENTIKEY authentication server. Accessed date: 01 Dec 2016. URL: https://www.vasco.com/Images/Identikey_BR201401-v5.pdf
  22. 22.
    Vasco (2015) IDENTIKEY authentication server. Accessed date: 01 Dec 2016. URL: https://www.vasco.com/products/server_products/identikey/ik_auth/identikey-authentication-server.aspx
  23. 23.
    Dell Defender (2015) Defender: protect your perimeter with two-factor authentication. Accessed date: 01 Dec 2016. URL: http://software.dell.com/documents/defender-datasheet-29206.pdf
  24. 24.
    Dell Defender (2015) Two-factor authentication made easy. Accessed date: 01 Dec 2016. URL: http://software.dell.com/products/defender/
  25. 25.
    Symantec VIP (2015) Symantec validation and ID protection service (VIP). Accessed date: 01 Dec 2016. URL: http://www.symantec.com/vip-authentication-service/
  26. 26.
    Symantec VIP Data Sheet (2015) Symantec™ validation and ID protection service: prevent unauthorized access to sensitive networks and applications. Accessed date: 01 Dec 2016. URL: http://www.symantec.com/content/en/us/enterprise/fact_sheets/b-validation_and_id_protection_service_DS_21213686.en-us.pdf
  27. 27.
    Symantec VIP for Mobile (2012) Symantec™ VIP access for mobile. Accessed date: 01 Dec 2016. URL: http://www.symantec.com/content/en/us/enterprise/fact_sheets/b-verisign_identity_protection_access_for_mobile_DS_21172473.en-us.pdf
  28. 28.
    RSA SECURID (2015) RSA authentication products. Accessed date: 01 Dec 2016. URL: http://www.emc.com/security/rsa-securid/index.htm
  29. 29.
    RSA SECURID (2011) RSA SECURID® AUTHENTICATORS. Accessed date: 01 Dec 2016. URL: http://www.emc.com/collateral/software/data-sheet/h9061-rsa-securid.pdf
  30. 30.
    RSA SECURID (2014) RSA SECURID® software tokens. Accessed date: 01 Dec 2016. URL: http://www.emc.com/collateral/data-sheet/h13819-ds-rsa-securid-software-tokens.pdf
  31. 31.
    RSA SECURID (2014) RSA SECURID: risk-based authentication. Accessed date: 01 Dec 2016. URL: http://www.emc.com/collateral/data-sheet/h13823-ds-rsa-securid-risk-based-authentication.pdf
  32. 32.
    RSA SecurID (2014) RSA SecurID: management console. Accessed date: 01 Dec 2016. URL: http://www.emc.com/collateral/data-sheet/h13822-ds-rsa-securid-management-console.pdf
  33. 33.
    SafeNet (2015) SafeNet authentication service fully automated authentication as-a-Service. Accessed date: 01 Dec 2016. URL: http://www.safenet-inc.com/multi-factor-authentication/authentication-as-a-service/sas-safenet-authentication-service/
  34. 34.
    SafeNet (2015) SafeNet authentication service: affordable, flexible, cloud-based authentication. Accessed date: 01 Dec 2016. URL: http://www.safenet-inc.com/resources/data-protection/safenet-authentication-service-brochure/?langtype=1033
  35. 35.
    SafeNet (2015) Gemalto SafeNet authentication service: a faster, more effective way to manage authentication deployments. Accessed date: 01 Dec 2016. URL: http://www.safenet-inc.com/resources/data-protection/safenet-authentication-service-solution-brief/
  36. 36.
    SecureAuth IdP (2015) SecureAuth IdP 8.0. Access date: 01 Dec 2016. URL: https://www.secureauth.com/Product.aspx
  37. 37.
    SecureAuth IdP (2015) Two factor authentication: 20+ strong methods. Access date: 01 Dec 2016. URL: http://www.esecuritytogo.com/documents/secureauth_2_factor.pdf
  38. 38.
    SecureAuth IdP (2015) SecureAuth IdP user access control that works for you. Access date: 01 Dec 2016. URL: http://www-304.ibm.com/partnerworld/gsd/showimage.do?id=40694
  39. 39.
    SecureAuth IdP (2015) SecureAuth IdP single sign-on. Date: 01 Dec 2016. URL: https://www.secureauth.com/SecureAuth/media/Resources/SolutionBriefs/SecureAuth-Single-Sign-on.pdf?ext=.pdf
  40. 40.
    SecureAuth IdP (2015) SecureAuth IdP for mobile. Access date: 01 Dec 2016. URL: https://www.secureauth.com/SecureAuth/media/Resources/SolutionBriefs/SecureAuth-IdP-for-Mobile.pdf?ext=.pdf
  41. 41.
    SecureAuth IdP (2015) SecureAuth IdP Office 365. Accessed date: 01 Dec 2016. URL: https://www.secureauth.com/SecureAuth/media/Resources/SolutionBriefs/SecureAuth-IdP-for-Office-365.pdf?ext=.pdf
  42. 42.
    SecureAuth IdP (2015) SecureAuth IdP authentication API. Accessed date: 01 Dec 2016. URL: https://www.secureauth.com/SecureAuth/media/Resources/SolutionBriefs/SA_SolutionBrief_API.pdf
  43. 43.
    Bill Mathers (2015) What is Azure multi-factor authentication? Accessed date: 01 Dec 2016. URL: https://azure.microsoft.com/en-us/documentation/articles/multi-factor-authentication/
  44. 44.
    Microsoft Azure (2015) Multi-factor authentication pricing. Accessed date: 01 December 2016. URL: https://azure.microsoft.com/en-us/pricing/details/multi-factor-authentication/
  45. 45.
    Collier M, Shahan R (2015) Microsoft Azure Essentials-Fundamentals of Azure. Pearson EducationGoogle Scholar
  46. 46.
    Swivel (2015) Swivel: adaptable, active, authentication. Accessed date: 01 Dec 2016. URL: http://swivelsecure.com/
  47. 47.
    SwivelSecure (2014) Swivel secure overview. Accessed date: 01 December 2016. URL: http://hosteu.msgapp.com/uploads/96495/Documents/Data%20Sheets/1502%20DS%20Overview%20Data%20Sheet.pdf
  48. 48.
    SwivelSecure (2014) Risk based authentication. Accessed date: 01 Dec 2016. URL: http://hosteu.msgapp.com/uploads/96495/Documents/Data%20Sheets/1410_DS_Risk_Based_Data_Sheet.pdf
  49. 49.
    SwivelSecure (2014) SMS based authentication. Accessed date: 01 Dec 2016. URL: http://hosteu.msgapp.com/uploads/96495/Documents/Data%20Sheets/1410_DS_SMS_Data_Sheet.pdf
  50. 50.
    SwivelSecure (2014) Mobile app based authentication. Accessed date: 01 Dec 2016. URL: http://hosteu.msgapp.com/uploads/96495/Documents/Data%20Sheets/1411_DS_Mobile_App_EN.pdf
  51. 51.
    SwivelSecure (2014) Token based authentication. Accessed date: 01 Dec 2016. URL: http://hosteu.msgapp.com/uploads/96495/Documents/Data%20Sheets/1410_DS_Token_Data_Sheet.pdf
  52. 52.
    SwivelSecure (2014) PINpad. Accessed date: 01 Dec 2016. URL: http://hosteu.msgapp.com/uploads/96495/Documents/Data%20Sheets/1410_DS_PINpad_Data_Sheet.pdf
  53. 53.
  54. 54.
    DUO Security Product Overview (2016) Accessed date: 01 Dec 2016. URL: https://duo.com/assets/pdf/Duo-Security-Product-Overview.pdf
  55. 55.
    DUO Security: Two-Factor Authentication Made Easy. Accessed Date: 01 Dec 2016. URL: https://duo.com/assets/pdf/Duo-Security-Product-Datasheet.pdf
  56. 56.
    NIST Cybersecurity whitepaper on Best Practices for Privileged User PIV Authentication. 21 Apr 2016. http://csrc.nist.gov/publications/papers/2016/best-practices-privileged-user-piv-authentication.pdf
  57. 57.
    Ferraiolo H, Cooper D, Francomacaro S, Regenscheid A, Mohler J, Gupta S, Burr W (2014) National institute of standards and technology (NIST) special publication (SP) 800-157, Guidelines for Derived Personal Identity Verification (PIV) Credentials.  10.6028/NIST.SP.800-157
  58. 58.
    RSA SECURID (2007) A comprehensive introduction to RSA SecurID® user authentication. Accessed date: 01 Dec 2016. URL: http://www.ais-cur.com/IntrotoSecurID.pdf
  59. 59.
    Strom D (2014) Okta verify|multifactor authentication product overview. Accessed Date: 01 Dec 2016. URL: http://searchsecurity.techtarget.com/feature/Multifactor-authentication-products-Okta-Verify
  60. 60.
    RSA SECURID (2010) RSA® SecurID two-factor authentication. Accessed date: 01 Dec 2016. URL: http://www.arrowecs.co.uk/ArrowECS/media/PDF-Library/Security/RSA/RSA-SecurID.pdf

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. 1.Department of Computer ScienceThe University of MemphisMemphisUSA

Personalised recommendations