Framework for the Comparison and Selection of Schemes for Multi-Factor Authentication
Authentication is the process of verifying a user’s identity for them to access a system’s resources. An authentication factor is a piece of information used for this authentication. Three well-known groups of authentication factors exist: knowledge-based (what you know), possession-based (what you...
| Main Author: | |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Centro Latinoamericano de Estudios en Informática
2021-04-01
|
| Series: | CLEI Electronic Journal |
| Subjects: | |
| Online Access: | http://www.clei.org/cleiej/index.php/cleiej/article/view/485 |
| _version_ | 1819140578208645120 |
|---|---|
| author | Ignacio Velásquez |
| author_facet | Ignacio Velásquez |
| author_sort | Ignacio Velásquez |
| collection | DOAJ |
| description | Authentication is the process of verifying a user’s identity for them to access a system’s resources. An authentication factor is a piece of information used for this authentication. Three well-known groups of authentication factors exist: knowledge-based (what you know), possession-based (what you have) and inherence-based (what you are). Authentication schemes belonging to distinct authentication factors can be combined in a multi-factor manner to increase security. Although multiple multi-factor proposals are seen in literature, the absence of a method that allows a proper comparison and selection of these authentication methods, based on an application’s security requirements, can be observed. Existing frameworks for the analysis of authentication methods have been identified through the realization of a systematic literature review, but most of these focus on specific contexts and do not provide a generic enough solution. Due to the above, this research focuses on the creation of a recommendation framework that guides in the comparison and selection of single and multi-factor authentication schemes, considering both the application’s requirements and its context. This has been attained not only through the knowledge found in literature, but the experience from industry experts has been compiled as well through the collaboration with a multinational software development company. Consequently, the knowledge found in literature has been obtained from a systematic literature review, whereas the experience from industry experts was obtained through a survey and interviews. The framework proposal has been generated based on the above and has been validated through an expert panel and a case study methodology in collaboration with the partnered software development company. A tool prototype has been constructed as well. The result is a recommendation framework for the comparison and selection of authentication methods that can support this decision process in multiple contexts. |
| first_indexed | 2024-12-22T11:40:47Z |
| format | Article |
| id | doaj.art-0246af85e2bf453f90ac825a730196bc |
| institution | Directory Open Access Journal |
| issn | 0717-5000 |
| language | English |
| last_indexed | 2024-12-22T11:40:47Z |
| publishDate | 2021-04-01 |
| publisher | Centro Latinoamericano de Estudios en Informática |
| record_format | Article |
| series | CLEI Electronic Journal |
| spelling | doaj.art-0246af85e2bf453f90ac825a730196bc2022-12-21T18:27:17ZengCentro Latinoamericano de Estudios en InformáticaCLEI Electronic Journal0717-50002021-04-012419:19:2910.19153/cleiej.24.1.9427Framework for the Comparison and Selection of Schemes for Multi-Factor AuthenticationIgnacio Velásquez0University of Bío-BíoAuthentication is the process of verifying a user’s identity for them to access a system’s resources. An authentication factor is a piece of information used for this authentication. Three well-known groups of authentication factors exist: knowledge-based (what you know), possession-based (what you have) and inherence-based (what you are). Authentication schemes belonging to distinct authentication factors can be combined in a multi-factor manner to increase security. Although multiple multi-factor proposals are seen in literature, the absence of a method that allows a proper comparison and selection of these authentication methods, based on an application’s security requirements, can be observed. Existing frameworks for the analysis of authentication methods have been identified through the realization of a systematic literature review, but most of these focus on specific contexts and do not provide a generic enough solution. Due to the above, this research focuses on the creation of a recommendation framework that guides in the comparison and selection of single and multi-factor authentication schemes, considering both the application’s requirements and its context. This has been attained not only through the knowledge found in literature, but the experience from industry experts has been compiled as well through the collaboration with a multinational software development company. Consequently, the knowledge found in literature has been obtained from a systematic literature review, whereas the experience from industry experts was obtained through a survey and interviews. The framework proposal has been generated based on the above and has been validated through an expert panel and a case study methodology in collaboration with the partnered software development company. A tool prototype has been constructed as well. The result is a recommendation framework for the comparison and selection of authentication methods that can support this decision process in multiple contexts.http://www.clei.org/cleiej/index.php/cleiej/article/view/485securityauthentication schememulti-factor authentication methodrecommendation framework |
| spellingShingle | Ignacio Velásquez Framework for the Comparison and Selection of Schemes for Multi-Factor Authentication CLEI Electronic Journal security authentication scheme multi-factor authentication method recommendation framework |
| title | Framework for the Comparison and Selection of Schemes for Multi-Factor Authentication |
| title_full | Framework for the Comparison and Selection of Schemes for Multi-Factor Authentication |
| title_fullStr | Framework for the Comparison and Selection of Schemes for Multi-Factor Authentication |
| title_full_unstemmed | Framework for the Comparison and Selection of Schemes for Multi-Factor Authentication |
| title_short | Framework for the Comparison and Selection of Schemes for Multi-Factor Authentication |
| title_sort | framework for the comparison and selection of schemes for multi factor authentication |
| topic | security authentication scheme multi-factor authentication method recommendation framework |
| url | http://www.clei.org/cleiej/index.php/cleiej/article/view/485 |
| work_keys_str_mv | AT ignaciovelasquez frameworkforthecomparisonandselectionofschemesformultifactorauthentication |