making security even easier

Doctoral Thesis : Context-aware multifactor authentication for the augmented human

Multi-factor authentication is currently one of the de-facto standards for systems requiring strong security. In most of the cases, multi-factor authentication is rather complex and not very user-friendly, as it requires additional steps as far as end-users are concerned: e.g. with two-factor authentication, in addition to entering a username and a password (usually considered as a first factor), users need to manually enter an additional code (second factor) that they either receive by text messages, look up in a previously printed list of passwords or generated by a hardware or software token. An extensive review of potential security risks that multi-factor authentication is capable of mitigating is a significant part of this thesis. The thesis will review phishing as one of the biggest end-user targeted attacks and describe the security risks as well as modern methods of such attacks that can potentially lead to theft of sensitive data, such as user credentials, passwords and/or credit card information. The main purpose of this research is to review existing multi-factor authentication systems, primarily in corporate applications, and overcome existing gaps and shortcomings with introducing contexts of various types of additional authentication factors. Context as a word means the influence factors and events related to a particular situation. In our case, the meaning remains the same, it is only worth mentioning that in the situation we are applying the context - it is namely the user authentication operation or sequence of operations.

Full text

<< Go back to the previous page

G+ profile

follow me : github, habrahabr , linkedin
Feel free to contact me directly :
emin --at huseynov --dot com

Other projects

Google authenticator for Citrix StoreFront
Google authenticator for Citrix Web Interface 5.4
MOTP App with QR based enrolment

Not security related