Title :
A Generic Framework for Three-Factor Authentication: Preserving Security and Privacy in Distributed Systems
Author :
Huang, Xinyi ; Xiang, Yang ; Chonka, Ashley ; Zhou, Jianying ; Deng, Robert H.
Author_Institution :
Sch. of Inf. Syst., Singapore Manage. Univ., Singapore, Singapore
Abstract :
As part of the security within distributed systems, various services and resources need protection from unauthorized use. Remote authentication is the most commonly used method to determine the identity of a remote client. This paper investigates a systematic approach for authenticating clients by three factors, namely password, smart card, and biometrics. A generic and secure framework is proposed to upgrade two-factor authentication to three-factor authentication. The conversion not only significantly improves the information assurance at low cost but also protects client privacy in distributed systems. In addition, our framework retains several practice-friendly properties of the underlying two-factor authentication, which we believe is of independent interest.
Keywords :
authorisation; biometrics (access control); data privacy; distributed processing; smart cards; biometrics; client privacy; distributed systems privacy; distributed systems security; information assurance; password; remote authentication; remote client; smart card; three factor authentication; Authentication; Iris recognition; Privacy; Protocols; Servers; Authentication; biometrics.; distributed systems; password; privacy; security; smart card;
Journal_Title :
Parallel and Distributed Systems, IEEE Transactions on
DOI :
10.1109/TPDS.2010.206
