2022 № 2 Сучасні інформаційні системи
Постійне посилання колекціїhttps://repository.kpi.kharkov.ua/handle/KhPI-Press/65928
Переглянути
Документ Modeling the process of two-factor authentication(Національний технічний університет "Харківський політехнічний інститут", 2022) Rezanov, Bohdan; Kuchuk, HeorhiiThe relevance of research. Authentication is the process of confirming the authenticity of an object or subject of interaction in an information network by a presented identifier. Usually only one factor is used. However, most information security incidents occur due to the use of one factor. The easiest way to create an extra layer of security for accounts is to use two-factor authentication using 2FA programs. In this case, an additional step occurs, which increases the user authentication time and creates an additional load on the network. Thus, there is a need to create an additional layer of security for accounts in the "Active Directory" directory service without using an additional component on the target system and an additional step in the authentication process, thereby making the authentication process itself simpler and more responsive to the user. The purpose of the article is to develop a model of the two-factor authentication process, which will allow comparison of different approaches to its implementation. Research progress. The proposed model consists of three components: a system submodel, a threat submodel, and a security properties submodel. The analysis performed showed the advantages of using the PERT method for this problem. The simulation of the authentication process was carried out using a third-party service for checking the second factor (DUO) and the proposed method. The final PERT-diagrams are formed. A comparative analysis of these methods in terms of authentication speed was carried out. Conclusion. The developed model makes it possible to assess the quality of two-factor authentication by the selected parameter with a sufficient degree of accuracy. In particular, the proposed method showed more preferable results in terms of authentication speed compared to conventional methods.