scispace - formally typeset
Search or ask a question
Topic

Multi-factor authentication

About: Multi-factor authentication is a research topic. Over the lifetime, 5486 publications have been published within this topic receiving 114700 citations. The topic is also known as: MFA & multifactor authentication.


Papers
More filters
Journal ArticleDOI
Leslie Lamport1
TL;DR: A method of user password authentication is described which is secure even if an intruder can read the system's data, and can tamper with or eavesdrop on the communication between the user and the system.
Abstract: A method of user password authentication is described which is secure even if an intruder can read the system's data, and can tamper with or eavesdrop on the communication between the user and the system. The method assumes a secure one-way encryption function and can be implemented with a microcomputer in the user's terminal.

2,874 citations

Journal ArticleDOI
TL;DR: The inherent strengths of biometrics-based authentication are outlined, the weak links in systems employing biometric authentication are identified, and new solutions for eliminating these weak links are presented.
Abstract: Because biometrics-based authentication offers several advantages over other authentication methods, there has been a significant surge in the use of biometrics for user authentication in recent years. It is important that such biometrics-based authentication systems be designed to withstand attacks when employed in security-critical applications, especially in unattended remote applications such as e-commerce. In this paper we outline the inherent strengths of biometrics-based authentication, identify the weak links in systems employing biometrics-based authentication, and present new solutions for eliminating some of these weak links. Although, for illustration purposes, fingerprint authentication is used throughout, our analysis extends to other biometrics-based methods.

1,709 citations

Journal ArticleDOI
TL;DR: The authors concentrate on authentication for real-time, interactive services that are offered on computer networks, which includes remote login, file system reads and writes, and information retrieval for applications like Mosaic.
Abstract: When using authentication based on cryptography, an attacker listening to the network gains no information that would enable it to falsely claim another's identity. Kerberos is the most commonly used example of this type of authentication technology. The authors concentrate on authentication for real-time, interactive services that are offered on computer networks. They use the term real-time loosely to mean that a client process is waiting for a response to a query or command so that it can display the results to the user, or otherwise continue performing its intended function. This class of services includes remote login, file system reads and writes, and information retrieval for applications like Mosaic. >

1,545 citations

Journal ArticleDOI
TL;DR: The access matrix model is reviewed and different approaches to implementing the access matrix in practical systems are described, followed with a discussion of access control policies commonly found in current systems, and a brief consideration ofAccess control administration.
Abstract: Access control constrains what a user can do directly, as well as what programs executing on behalf of the users are allowed to do. In this way access control seeks to prevent activity that could lead to a breach of security. This article explains access control and its relationship to other security services such as authentication, auditing, and administration. It then reviews the access matrix model and describes different approaches to implementing the access matrix in practical systems, and follows with a discussion of access control policies commonly found in current systems, and a brief consideration of access control administration. >

1,432 citations

01 Jun 1999
TL;DR: "HTTP/1.0", includes the specification for a Basic Access Authentication scheme, which is not considered to be a secure method of user authentication (unless used in conjunction with some external secure system such as SSL [5]), as the user name and password are passed over the network as cleartext.
Abstract: "HTTP/1.0", includes the specification for a Basic Access Authentication scheme. This scheme is not considered to be a secure method of user authentication (unless used in conjunction with some external secure system such as SSL [5]), as the user name and password are passed over the network as cleartext.

845 citations


Network Information
Related Topics (5)
Encryption
98.3K papers, 1.4M citations
88% related
Server
79.5K papers, 1.4M citations
86% related
Mobile computing
51.3K papers, 1M citations
86% related
Wireless sensor network
142K papers, 2.4M citations
85% related
Network packet
159.7K papers, 2.2M citations
84% related
Performance
Metrics
No. of papers in the topic in previous years
YearPapers
202363
2022101
2021112
2020185
2019210
2018167