A Novel Approach to Users' Authentication and Authorization

Robert Sekulski, Marek Woda

Abstract


In this paper, an adaptive method of users’ authentication and authorization is proposed. With the Bring Your Own Device (BYOD) approach, working conditions and users’ habits have changed, and users now connect to company resources with their own devices. This situation poses a severe threat to security, but tightening security rules is not always an option. This creates a need for an adaptive system that chooses methods adequate to the current threat level. The proposed solution not only minimizes the risk of unauthorized access to the company’s data, but also simplifies the users’ authentication process.

Keywords


adaptive method; authentication; authorization






DOI: http://dx.doi.org/10.21936/si2015_v36.n2.711