A generic framework for three-factor authentication: preserving security and privacy in distributed systems

As part of the security within distributed systems, various services and resources need protection from unauthorized use. Remote authentication is the most commonly used method to determine the identity of a remote client. This paper investigates a systematic approach for authenticating clients by t...

Full description

Saved in:
Bibliographic Details
Main Authors: HUANG, Xinyi, Xiang, Yang, Chonka, Ashley, Zhou, Jianying, DENG, Robert H.
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2011
Subjects:
Online Access:https://ink.library.smu.edu.sg/sis_research/1421
https://ink.library.smu.edu.sg/context/sis_research/article/2420/viewcontent/A_generic_framework_for_three_factor_authentication_preserving_security_and_privacy_in_distributed_systems.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
Description
Summary:As part of the security within distributed systems, various services and resources need protection from unauthorized use. Remote authentication is the most commonly used method to determine the identity of a remote client. This paper investigates a systematic approach for authenticating clients by three factors, namely password, smart card, and biometrics. A generic and secure framework is proposed to upgrade two-factor authentication to three-factor authentication. The conversion not only significantly improves the information assurance at low cost but also protects client privacy in distributed systems. In addition, our framework retains several practice-friendly properties of the underlying two-factor authentication, which we believe is of independent interest.