A Comprehensive Study on Multifactor Authentication Schemes

  • Kumar Abhishek
  • Sahana Roshan
  • Prabhat Kumar
  • Rajeev Ranjan
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 177)

Abstract

In recent years, the development in Information technology has unleashed new challenges and opportunities for new authentication systems and protocols. Authentication ensures that a user is who they claim to be. The trust of authenticity increases exponentially when more factors are involved in the verification process. When security infrastructure makes use of two or more distinct and different category of authentication mechanisms to increase the protection for valid authentication, It is referred to as Strong Authentication or Multifactor Authentication. Multifactor authentication uses combinations of “Something you know,” “Something you have,” “Something you are” and “Somewhere you are”/“Someone you know”, to provide stronger remote authentication than traditional, unreliable single-factor username and password authentication. In this paper we do a survey on the different aspects of multifactor authentication, its need, its techniques and its impact.

Keywords

Multi Factor Authentication One Time Passwords OTP Biometrics 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Authentication in an Internet Banking Environment, Federal Financial Institutions Examination Council, http://www.ffiec.gov/pdf/authentication_guidance.pdf
  2. 2.
    Wildstrom, Stephen: Securing Your PC: You’re on Your Own. Business Week, p. 26 (May 26, 2003)Google Scholar
  3. 3.
    Analysis & Review of FFIEC Multi-Factor Authentication Guidance, Data Risk Governance, http://datariskgovernance.com/risk-assessment/multi-factor-authentication-in-banking/
  4. 4.
    Multifactor Authentication, Tevora Business Solution Blog, http://blog.tevora.com/authentication/multifactor-authentication-2/
  5. 5.
    Gpayments, Two-Factor Authentication: An essential guide in the fight against Internet fraud (February 2006)Google Scholar
  6. 6.
    Sobotka, J., Doležel, R.: Multifactor authentication systems, vol. 1(4) (December 2010) ISSN 1213-1539Google Scholar
  7. 7.
    Kemshall, A.: Phil Underwood, Options for Two Factor Authentication, White paper by SecurenvoyGoogle Scholar
  8. 8.
  9. 9.
  10. 10.
    RSA White paper, RSA SecurID Authenticators (2009), http://www.rsa.com
  11. 11.
    Mitnick, K.D., Simon, W.L.: The Art of Deception: Controlling the Human Element of Security. Wiley (2002)Google Scholar
  12. 12.
    Brianard, John, Ari, J., Rivest, Ronald: Fourth Factor Authentication: Some-body you know (2006), http://www.rsa.com
  13. 13.
    Davis, J., Orr, T.: A Case for Multi-factor Authentication in Public Key Infrastructure (Spring 2006)Google Scholar
  14. 14.
    Bhargav, A., Squicciarini, A., Bertino, E.: Privacy Preserving Multi-Factor Authentication with BiometricsGoogle Scholar
  15. 15.
    Bhargav-Spantzel, A., Squicciarini, A.C., Bertino, E., Modi, S., Young, M., Elliott, S.J.: Privacy preserving multi-factor authentication with biometrics. J. Comput. Security 15(5), 529–560 (2007)Google Scholar
  16. 16.
    Fan, C.-I., Lin, Y.-H.: Provably Secure Remote Truly Three-Factor Authenti-cation Scheme with Privacy Protection on Biometrics. IEEE Transactions on Information Forensics and Security 4(4) (December 2009)Google Scholar
  17. 17.
    Huang, X., Xiang, Y., Chonka, A., Zhou, J., Deng, R.H.: A Generic Framework for Three-Factor Authentication: Preserving Security and Privacy in Distributed Systems. IEEE Transactions on Parallel and Distributed Systems 22(8) (August 2011)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Kumar Abhishek
    • 1
  • Sahana Roshan
    • 2
  • Prabhat Kumar
    • 3
  • Rajeev Ranjan
    • 3
  1. 1.Department of Computer Science and EngineeringN.I.T.PatnaIndia
  2. 2.Department of Information TechnologyAl Musanna College of TechnologyOmanSaudi Arabia
  3. 3.Department of Information TechnologyN.I.T.PatnaIndia

Personalised recommendations