Factor Authentication

14,000,000 Leading Edge Experts on the ideXlab platform

Scan Science and Technology

Contact Leading Edge Experts & Companies

Scan Science and Technology

Contact Leading Edge Experts & Companies

The Experts below are selected from a list of 3096 Experts worldwide ranked by ideXlab platform

Ariel Pomputius - One of the best experts on this subject based on the ideXlab platform.

Mervyn Jack - One of the best experts on this subject based on the ideXlab platform.

  • User perceptions of security and usability of single-Factor and two-Factor Authentication in automated telephone banking
    Computers & Security, 2011
    Co-Authors: Nancie Gunson, Diarmid Marshall, Hazel Morton, Mervyn Jack
    Abstract:

    This paper describes an experiment to investigate user perceptions of the usability and security of single-Factor and two-Factor Authentication methods in automated telephone banking. In a controlled experiment with 62 banking customers a knowledge-based, single-Factor Authentication procedure, based on those commonly used in the financial services industry, was compared with a two-Factor approach where in addition to the knowledge-based step, a one-time passcode was generated using a hardware security token. Results were gathered on the usability and perceived security of the two methods described, together with call completion rates and call durations for the two methods. Significant differences were found between the two methods, with the two-Factor version being perceived as offering higher levels of security than the single-Factor Authentication version; however, this gain was offset by significantly lower perceptions of usability, and lower ratings for convenience and ease of use for the two-Factor version. In addition, the two-Factor Authentication version took longer for participants to complete. This research provides valuable empirical evidence of the trade-off between security and usability in automated systems.

Wei Gao - One of the best experts on this subject based on the ideXlab platform.

  • An Efficient Generic Framework for Three-Factor Authentication With Provably Secure Instantiation
    IEEE Transactions on Information Forensics and Security, 2014
    Co-Authors: Guilin Wang, Wei Gao
    Abstract:

    Remote Authentication has been widely studied and adapted in distributed systems. The security of remote Authentication mechanisms mostly relies on one of or the combination of three Factors: 1) something users know—password; 2) something users have—smart card; and 3) something users are—biometric characteristics. This paper introduces an efficient generic framework for three-Factor Authentication. The proposed generic framework enhances the security of existing two-Factor Authentication schemes by upgrading them to three-Factor Authentication schemes, without exposing user privacy. In addition, we present a case study by upgrading a secure two-Factor Authentication scheme to a secure three-Factor Authentication scheme. Furthermore, implementation analysis, formal proof, and privacy discussion are provided to show that the derived scheme is practical, secure, and privacy preserving.

Zeashan Hameed Khan - One of the best experts on this subject based on the ideXlab platform.

  • secure biometric template generation for multi Factor Authentication
    Pattern Recognition, 2015
    Co-Authors: Salman H Khan, Ali M Akbar, Farrukh Shahzad, Mudassar Farooq, Zeashan Hameed Khan
    Abstract:

    In the light of recent security incidents, leading to compromise of services using single Factor Authentication mechanisms, industry and academia researchers are actively investigating novel multi-Factor Authentication schemes. Moreover, exposure of unprotected Authentication data is a high risk threat for organizations with online presence. The challenge is how to ensure security of multi-Factor Authentication data without deteriorating the performance of an identity verification system? To solve this problem, we present a novel framework that applies random projections to biometric data (inherence Factor), using secure keys derived from passwords (knowledge Factor), to generate inherently secure, efficient and revocable/renewable biometric templates for users' verification. We evaluate the security strength of the framework against possible attacks by adversaries. We also undertake a case study of deploying the proposed framework in a two-Factor Authentication setup that uses users' passwords and dynamic handwritten signatures. Our system preserves the important biometric information even when the user specific password is compromised - a highly desirable feature but not existent in the state-of-the-art transformation techniques. We have evaluated the performance of the framework on three publicly available signature datasets. The results prove that the proposed framework does not undermine the discriminating features of genuine and forged signatures and the verification performance is comparable to that of the state-of-the-art benchmark results. HighlightsA novel two-Factor Authentication framework involving user biometrics and passwords.A hybrid scheme for template security using subspace mapping and arithmetic hashing.Detailed security analysis of the proposed framework under different attack scenarios.Application of the proposed approach to protect dynamic signature templates.To show that proposed technique does not undermine the verification performance.

Patti Redd - One of the best experts on this subject based on the ideXlab platform.

  • improved grid security posture through multi Factor Authentication
    Grid Computing, 2011
    Co-Authors: Victor Hazlewood, Patricia Kovatch, Matthew Ezell, Matthew Johnson, Patti Redd
    Abstract:

    While methods of securing communication over the Internet have changed from clear text to secure encrypted channels over the last decade, the basic username-password combination for Authentication has remained the mainstay in academic research computing and grid environments. Security incidents affecting grids, such as the TeraGrid stakkato incident of 2004 and 2005, has demonstrated that the use of reusable passwords for Authentication can be readily exploited and can lead to a widespread security incident across the grid [1,2]. The University of Tennessee's National Institute for Computational Sciences (NICS) founded in 2008 has provided resources to the TeraGrid, including Kraken, a 1.17 petaflops Cray XT5, and has implemented and promoted the use of multi-Factor Authentication mechanisms since its founding. The benefits of use of this stronger Authentication method has been higher productivity and resource availability for users due to no known user account compromises caused by stolen NICS user credentials that led to disabling accounts or system resources. NICS has been developing and experimenting with expanding our use of multi-Factor Authentication to the grid. NICS has integrated multi-Factor Authentication with our certificate authority so that users can now run my proxy and receive a multi-Factor authenticated certificate. NICS is also exploring the federation of multi-Factor Authentication systems, with the goal of "one user, one token". This is especially important, as new grid resources, such as Blue Waters, will only allow multi-Factor Authentication, and we want the users to only carry one token, not many tokens. XSEDE, the TeraGrid successor, will also be deploying multi-Factor Authentication in addition to the other existing Authentication methodologies. XSEDE will also work closely with science gateways and workflows to develop and maintain secure frameworks for the highest level of security possible.

  • GRID - Improved Grid Security Posture through Multi-Factor Authentication
    2011 IEEE ACM 12th International Conference on Grid Computing, 2011
    Co-Authors: Victor Hazlewood, Patricia Kovatch, Matthew Ezell, Matthew Johnson, Patti Redd
    Abstract:

    While methods of securing communication over the Internet have changed from clear text to secure encrypted channels over the last decade, the basic username-password combination for Authentication has remained the mainstay in academic research computing and grid environments. Security incidents affecting grids, such as the TeraGrid stakkato incident of 2004 and 2005, has demonstrated that the use of reusable passwords for Authentication can be readily exploited and can lead to a widespread security incident across the grid [1,2]. The University of Tennessee's National Institute for Computational Sciences (NICS) founded in 2008 has provided resources to the TeraGrid, including Kraken, a 1.17 petaflops Cray XT5, and has implemented and promoted the use of multi-Factor Authentication mechanisms since its founding. The benefits of use of this stronger Authentication method has been higher productivity and resource availability for users due to no known user account compromises caused by stolen NICS user credentials that led to disabling accounts or system resources. NICS has been developing and experimenting with expanding our use of multi-Factor Authentication to the grid. NICS has integrated multi-Factor Authentication with our certificate authority so that users can now run my proxy and receive a multi-Factor authenticated certificate. NICS is also exploring the federation of multi-Factor Authentication systems, with the goal of "one user, one token". This is especially important, as new grid resources, such as Blue Waters, will only allow multi-Factor Authentication, and we want the users to only carry one token, not many tokens. XSEDE, the TeraGrid successor, will also be deploying multi-Factor Authentication in addition to the other existing Authentication methodologies. XSEDE will also work closely with science gateways and workflows to develop and maintain secure frameworks for the highest level of security possible.

Factor Authentication - 15 days free trial to Access Experts & Abstracts