Deakin University
Browse

File(s) under permanent embargo

A generic framework for three-factor authentication : preserving security and privacy in distributed systems

journal contribution
posted on 2011-08-01, 00:00 authored by Xinyi Huang, Yang Xiang, Ashley Chonka, J Zhou, R Deng
As part of the security within distributed systems, various services and resources need protection from unauthorized use. Remote authentication is the most commonly used method to determine the identity of a remote client. This paper investigates a systematic approach for authenticating clients by three factors, namely password, smart card, and biometrics. A generic and secure framework is proposed to upgrade two-factor authentication to three-factor authentication. The conversion not only significantly improves the information assurance at low cost but also protects client privacy in distributed systems. In addition, our framework retains several practice-friendly properties of the underlying two-factor authentication, which we believe is of independent interest.

History

Journal

IEEE transactions on parallel and distributed systems

Volume

22

Issue

8

Pagination

1390 - 1397

Publisher

IEEE

Location

Piscataway, N. J.

ISSN

1045-9219

eISSN

1558-2183

Language

eng

Publication classification

C1 Refereed article in a scholarly journal

Copyright notice

2011, IEEE