Is two-factor authentication better than one-factor authentication? Critically appraise this using the concept of security goals and implementation. OP- 10% or Assignment- 15%
The impact of the internet over the last few years has meant fundamental changes in the way we access information. Though the network security perimeter has crumbled at all levels, the number of users wanting network access has grown. While there are enormous productivity benefits available from increased access, the security risks have greatly increased. Growing threats to security (e.g. phishing, personal identity fraud) and the personal nature of the data make the balance between security, trust and usability vital. Adams and Sasse (1999) identified the importance for security (in particular security mechanisms) of real-world cues that enable users to interpret potential security risks in their interaction with sensitive information. Security threats are increasing day by day, and protecting against them is becoming a major concern. The different types of attacks are shown in Fig 1.
Fig 1 Security threats- the types of attacks
Source: https://akela.mendelu.cz/~lidak/share/izk/2008/lecture5-security.ppt
It is important to provide security mechanisms that ensure that the system's security goals are enforced despite threats from attackers. Attacks are directed against security goals as follows:
- Interruption damages availability
- Modification damages integrity
- Interception damages privacy
- Falsification damages authenticity
In fact, some real attacks damage more than one security goal. For example, viruses can violate both the integrity and the availability of a PC's software. To ensure the confidentiality, integrity and availability of information, it is important to identify with whom you are dealing and to know that the data you are receiving is trustworthy. So it is important to safeguard security goals such as confidentiality, availability, integrity, authenticity, accountability and many more. These security goals can be safeguarded with the use of various authentication mechanisms (i.e. the identification and verification process).
Authentication is the process of verifying the identity of a user, device, or other entity in a computer system, often as a prerequisite to allowing access to resources in the system. Authentication is a necessary component of any system that requires a level of identification control and/or auditing functions. An authentication factor is a piece of information used to authenticate or verify a person's identity for security purposes. Authentication relies on at least one of three types of information: something you know (password, PIN), something you have (ATM card, a token), or something you are (fingerprint, biometric scanner).
The traditional method of securing system access was authentication through the use of passwords (one-factor authentication). Passwords are simple to implement and easy to understand, but the problem with passwords is that it is too easy to lose control of them. They are also vulnerable to social engineering, i.e. people asking for the password or guessing it. They can also be picked up by spyware. As a result, one-factor authentication is no longer sufficient to protect systems containing sensitive information and is also unsuitable for securing the access requirements of today's distributed users. To overcome this, vendors have created two-factor authentication, which requires a user to provide something they know, something they are, and/or something they have to the authentication system. By doing this, it is possible to create an enhanced and more secure authentication than its predecessors. Two-factor authentication (2F authentication) requires two independent pieces of information to be presented, each being from a different category, to establish identity and privileges. Two-factor authentication aims to solve the decades-old problem of password-based attacks, such...
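The requirement that the two pieces of information come from different categories can be made concrete in code. The sketch below is an added example, not part of the original essay: it verifies a password and a PIN (both "something you know") and a token code (something you have) and accepts a login only when the verified factors span two categories. The user record, the method names and the choice of an RFC 6238 time-based code for the token are assumptions made for illustration.

```python
import hashlib, hmac, struct

# Constructed enrolment data for one hypothetical user (not from the essay).
SALT = b"constructed-salt"

def kdf(value):
    """Slow hash so a stolen record does not reveal the secret directly."""
    return hashlib.pbkdf2_hmac("sha256", value.encode(), SALT, 100_000)

PW_HASH, PIN_HASH = kdf("correct horse"), kdf("4921")
TOKEN_SECRET = b"12345678901234567890"  # published RFC 6238 test secret

def totp(secret, now, step=30, digits=6):
    """Code an RFC 6238 token would display at Unix time `now`."""
    counter = struct.pack(">Q", int(now) // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    off = mac[-1] & 0x0F  # dynamic truncation offset
    val = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(val % 10 ** digits).zfill(digits)

def same(a, b):
    """Constant-time comparison of two byte strings."""
    return hmac.compare_digest(a, b)

# method name -> (factor category, verifier); the names are assumptions.
METHODS = {
    "password": ("know", lambda v, now: same(PW_HASH, kdf(v))),
    "pin": ("know", lambda v, now: same(PIN_HASH, kdf(v))),
    "token": ("have", lambda v, now: same(totp(TOKEN_SECRET, now).encode(), v.encode())),
}

def authenticate(presented, now, required=2):
    """presented maps method -> submitted value. Every value must verify,
    and the verified factors must cover `required` distinct categories."""
    categories = set()
    for method, value in presented.items():
        if method not in METHODS:
            return False
        category, verify = METHODS[method]
        if not verify(value, now):
            return False
        categories.add(category)
    return len(categories) >= required
```

A password plus a PIN is rejected even though both values are correct, because both are knowledge factors and fall to the same attacks (guessing, social engineering, spyware).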