Efficient and Flexible Multi-Factor Authentication Protocol Based on Fuzzy Extractor of Administrator’s Fingerprint and Smart Mobile Device

Mohammed, Alzahraa J.; Yassin, Ali A.

doi:10.3390/cryptography3030024

Cited by 10 publications

(5 citation statements)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It is the successor step after one has entered their credentials, which corresponds to something they know (traditionally a password and a username), so even though an attacker steals or guesses a user's password, they must compromise the user's phone or steal a physical device to gain access to the account [ 7 ]. As a result, compromising an account protected by a second authentication factor is far more difficult for a remote attacker [ 8 , 9 ]. However, these technologies still reside in an external gadget that might be stolen and hence exploit the technology.…”

Section: Introductionmentioning

confidence: 99%

Biometric Authentication for Intelligent and Privacy-Preserving Healthcare Systems

Nigam

Patel

Vincent

et al. 2022

Journal of Healthcare Engineering

View full text Add to dashboard Cite

Secure identification is a critical system requirement for patients seeking health-related services. In the event of critical, aged, or disabled patients who require frequent health treatments, quick and easy identification is vital. Researchers describe the notion of the unprotected environment in this study, in which patients can receive health services from the hospital’s smart and intelligent surroundings without the use of explicit equipment. Patients would interact directly with the environment and be identified through it. We suggest a biometric-based authentication technique for the unprotected hospital environment that also safeguards the patient’s identity privacy. Furthermore, we demonstrate that this authentication technique is resistant to many well-known assaults, including insider attacks, replay attacks, and identity privacy. Doctors and other staff members showed enthusiastic responses after installing 2-factor authentications, as it makes their workflow efficient and makes things easier for patients. It also lets them focus on other factors rather than worrying about data security; hence, we need biometric authentication in intelligent and privacy-preserving healthcare systems. The paper deals with two-factor biometric authentication, and despite the added security, two-factor authentication adoption is said to be poor. It is due to a lack of awareness and difficulty to use and configure two-factor authentication (2FA) into a particular application by some individuals who struggle with the concept of authentication and its technology. Also, many 2FA methods in widespread use today have not been subjected to adequate usability testing. Research focuses on the point that there is still a large section of people unaware of the use of biometric systems to protect their online data. Researchers collected quantitative and qualitative data from 96 individuals during a two-week between-subjects usability survey of some common and rarely used 2FA approaches. The survey allowed the researcher to investigate which authentication methods are given higher priority and why, along with the relationship between different usage patterns and perceived usability, and identify user misconceptions and insecure habits to determine ease of use. It was observed that the biometric-based method was given the utmost preferability.

show abstract

Section: Introductionmentioning

confidence: 99%

Biometric Authentication for Intelligent and Privacy-Preserving Healthcare Systems

Nigam

Patel

Vincent

et al. 2022

Journal of Healthcare Engineering

View full text Add to dashboard Cite

show abstract

“…In this scenario using BYOD, people today feel reluctant to lend their own mobile device, even for a short time. (Mohammed & Yassin, 2019) specific attendance systems. Number of factors means the four factors used in this paper, including s1 for something you know, s2 for something you have, s3 for something you are, and s4 for somewhere you are.…”

Section: Discussionmentioning

confidence: 99%

“…A number of research studies have attempted to introduce new authentication methods in multi-factor authentication. A CCTV and smartphone-based multi-factor authentication framework using face detection/recognition and unique hardware identification has been proposed ( Kwon, Sharma & Park, 2019 ) as well as a combination of the use of mobile device and fingerprint ( Mohammed & Yassin, 2019 ) methods. In an online examination regarding something you know , the scheme involves people sharing information prior to the exam date and answering questions relating to the shared information just before the exam ( Ullah, Xiao & Barker, 2018 ).…”

Section: Related Workmentioning

confidence: 99%

Usable comprehensive-factor authentication for a secure time attendance system

Vorakulpipat

Pichetjamroen

Rattanalerdnusorn

2021

PeerJ Computer Science

View full text Add to dashboard Cite

In information security, it is widely accepted that the more authentication factors are used, the higher the security level. However, more factors cannot guarantee usability in real usage because human and other non-technical factors are involved. This paper proposes the use of all possible authentication factors, called comprehensive-factor authentication, which can maintain the required security level and usability in real-world implementation. A case study of an implementation of a secure time attendance system that applies this approach is presented. The contribution of this paper is therefore to provide a security scheme seamlessly integrating all classical authentication factors plus a location factor into one single system in a real environment with a security and usability focus. Usability factors emerging from the study are related to a seamless process including the least number of actions required, the lowest amount of time taken, health safety during the pandemic, and data privacy compliance.

show abstract

“…Various authentication stages were described in previous approaches, as they did with the knowledge-based methods in the authentication stage. The security mechanism for usernames and passwords that can easily be accessed through guessing and password based attacks [41][42]. There is also a possibility to develop user authentication methods for multi-factor implementations.…”

Section: Discussion and Analysismentioning

confidence: 99%

An Improved Time-Based One Time Password Authentication Framework for Electronic Payments

Hassan¹,

Shukur²,

Kamrul³

2020

IJACSA

View full text Add to dashboard Cite

One-time Password is important in present day scenario in the purposes of improving the security of electronic payments. Security sensitive environment or perhaps organization avoid the resources from unauthorized access by allowing different access control mechanism as user authentication. There are several safety issues in one Password based authentication. However, studies show that OTP sent over SMS are causing different causes and issues, which lead to precious time, delay in transaction. User authentication can be raised with more levels within the procedure of multi-factor authentication scheme. Time-based One-time Password and biometrics are one of the widely accepted mechanisms that incorporate multi-factor authentication. In this paper, we approach the Time-based OTP authentication algorithm with biometric fingerprints to secure an electronic payment. This algorithm uses a secret key exchanged between the client and the server and uses a certain password through the algorithm. The shuffle of the TOTP approach better wear by screening the key as being a QR code, as revealed in the majority movable applications are able to read. It offers confidentiality at the application level within the system to protect user credential within equal entities (the user and the server) for preventing brute force and dictionary attacks. Thus, the proposed system design is possible for users because of the lack of the concern of holding its own hardware token or additional charges from the short message service. Our suggested approach has been found to improve safety performance substantially compared to existing methods with regard to authentication and authorization. This research hopes to boost research effort on further advancement of cryptosystems surrounding multi-factor authentication.

show abstract

Efficient and Flexible Multi-Factor Authentication Protocol Based on Fuzzy Extractor of Administrator’s Fingerprint and Smart Mobile Device

Cited by 10 publications

References 34 publications

Biometric Authentication for Intelligent and Privacy-Preserving Healthcare Systems

Biometric Authentication for Intelligent and Privacy-Preserving Healthcare Systems

Usable comprehensive-factor authentication for a secure time attendance system

An Improved Time-Based One Time Password Authentication Framework for Electronic Payments

Contact Info

Product

Resources

About