A Review on Authentication Methods

The Internet has consolidated itself as a very powerful platform that has changed the communication and business transactions. Now, the number of users navigating through the Internet is more than 2.4 billion. This large audience demands online commerce, knowledge sharing, social networks etc., which grew exponentially over the past few years. Thus, it leads to the need for security and enhanced privacy. In recent days, fraud over the Internet constitutes one of the main drawbacks for the widespread of the use of commercial applications. Therefore, the three vital security issues take place every day in our world of transparent fashion, more precisely: identification, authentication and authorisation. Identification is a process that enables recognition of an entity, which may be either, a human, a machine, or another asset such as a software programme. In security systems, authentication and authorisation are two complementary mechanisms for determining who can access the information resources over a network. Many solutions have been proposed in the literature, from a simple password to recent technologies based on RFID (Radio Frequency IDentification) or biometrics (Mahier et al., 2008). This paper provides an overview on existing authentication methods, and its pros and cons when designing an online service.

[1]  Christophe Rosenberger,et al.  GREYC keystroke: A benchmark for keystroke dynamics biometric systems , 2009, 2009 IEEE 3rd International Conference on Biometrics: Theory, Applications, and Systems.

[2]  Luminita Vasiu,et al.  Biometric Recognition - Security and Privacy Concerns , 2004, ICETE.

[3]  Hyotaek Lim,et al.  A Ping Pong Based One-Time-Passwords Authentication System , 2009, 2009 Fifth International Joint Conference on INC, IMS and IDC.

[4]  Debnath Bhattacharyya,et al.  Biometric Authentication: A Review , 2009 .

[5]  IkSu Park,et al.  User Authentication Protocol Based on Human Memorable Password and Using RSA , 2004, ICCSA.

[6]  Ying Zhu,et al.  Graphical passwords: a survey , 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).

[7]  Christophe Rosenberger,et al.  Soft Biometrics for Keystroke Dynamics , 2013, ICIAR.

[8]  Sahin Albayrak,et al.  Continuous and non-intrusive identity verification in real-time environments based on free-text keystroke dynamics , 2011, 2011 International Joint Conference on Biometrics (IJCB).

[9]  Anil K. Jain,et al.  Soft Biometric Traits for Personal Recognition Systems , 2004, ICBA.

[10]  Christos Douligeris,et al.  Network Security: Current Status and Future Directions , 2007 .

[11]  Byung Rae Cha,et al.  Password Generation of OTP System using Fingerprint Features , 2008, 2008 International Conference on Information Security and Assurance (isa 2008).

[12]  Sharath Pankanti,et al.  Biometrics: Personal Identification in Networked Society , 2013 .

[13]  Steven J. Simske Dynamic biometrics: The case for a real-time solution to the problem of access control, privacy and security , 2009, 2009 First IEEE International Conference on Biometrics, Identity and Security (BIdS).

[14]  Syed Zulkarnain Syed Idrus Database encryption for a Web-based Claims System , 2007 .

[15]  Ray A. Perlner,et al.  Electronic Authentication Guideline , 2014 .

[16]  Patrick Bours,et al.  Continuous Authentication using Biometric Keystroke Dynamics , 2009 .

[17]  Sacha Brostoff,et al.  Transforming the ‘Weakest Link’ — a Human/Computer Interaction Approach to Usable and Effective Security , 2001 .

[18]  Christophe Rosenberger,et al.  Keystroke Dynamics Overview , 2011 .

[19]  R. Badlishah Ahmad,et al.  Performance Analysis of Encryption Algorithms' Text Length Size on Web Browsers , 2008 .

[20]  Loris Nanni,et al.  State of the art in Biometrics , 2011 .

[21]  Christophe Rosenberger,et al.  A Preliminary Study of a New Soft Biometric Finger Recognition for Keystroke Dynamics , 2012 .

[22]  Syed Zulkarnain Syed Idrus,et al.  The Development of a Web-Based Claims System , 2009, 2009 International Conference on Computer Technology and Development.

[23]  Leslie Lamport,et al.  Password authentication with insecure communication , 1981, CACM.

[24]  Anil K. Jain,et al.  Biometric cryptosystems: issues and challenges , 2004, Proceedings of the IEEE.

[25]  Nalini K. Ratha,et al.  Enhancing security and privacy in biometrics-based authentication systems , 2001, IBM Syst. J..

[26]  Syed Alwee Aljunid,et al.  Performance Evaluation of Encryption Algorithms' Key Length Size on Web Browsers , 2012 .

[27]  Wei-Hsun Lee,et al.  A One-Time Password Scheme with QR-Code Based on Mobile Phone , 2009, 2009 Fifth International Joint Conference on INC, IMS and IDC.

[28]  Steven Skiena,et al.  Improving Usability Through Password-Corrective Hashing , 2006, SPIRE.

[29]  Patrick Bours Continuous keystroke dynamics: A different perspective towards biometric evaluation , 2012, Inf. Secur. Tech. Rep..

[30]  Sugata Sanyal,et al.  The N/R one time password system , 2005, International Conference on Information Technology: Coding and Computing (ITCC'05) - Volume II.

[31]  A. M. Turing,et al.  Computing Machinery and Intelligence , 1950, The Philosophy of Artificial Intelligence.