INFORMATION SECURITY BSCS 8TH
Authentication Models in information security
Authentication is the process of verifying the identity of user or information. User
authentication is the process of verifying the identity of user when that user logs into a
computer system. OR
Authentication is the process of identifying someone's identity by assuring that the
person is the same as what he is claiming for.
The authentication model consists of three entities: The Certificate Authority, the
identity verifier and the End-entity.
The Certificate Authority certifies the end -entities by issuing public-key certificates for
them.
The identity verifier is the entity that makes the determination as to whether or not
asserted identity is correct. The identity verifier trusts the CA as the authority for a given
certification for the identity. If an end entity’s certificate is not issued by that CA, then
the identity verifier must locate a certification path of certificates from that of the entity
to one issued by the CA.
Types of Authentication
Authentication is the process of determining whether someone or something is, in fact,
who or what it says it is. Authentication technology provides access control for systems
by checking to see if a user's credentials match the credentials in a database of
authorized users or in a data authentication server. In doing this, authentication assures
secure systems, secure processes and enterprise information security.
There are different types of authentication systems which are as follow
1.Single-Factor authentication: – This was the first method of security that was
developed. On this authentication system, the user has to enter the username and the
1
NAQIB ULLAH KHAN | Lecturer Computer Science GPGC Bannu
�INFORMATION SECURITY BSCS 8TH
password to confirm whether that user is logging in or not. Now if the username or
password is wrong, then the user will not be allowed to log in or access the system.
Advantage of the Single-Factor Authentication System: –
It is a very simple to use and straightforward system.
it is not at all costly.
The user does not need any huge technical skills.
The disadvantage of the Single-Factor Authentication
It is not at all password secure. It will depend on the strength of the password
entered by the user.
The protection level in Single-Factor Authentication is much low.
2. Two-factor Authentication: – In this authentication system, the user has to give a
username, password, and other information. There are various types of authentication
systems that are used by the user for securing the system. Some of them are: – wireless
tokens, virtual tokens. OTP and more.
Advantage of the Two-Factor Authentication
The Two-Factor Authentication System provides better security than the Single-
factor Authentication system.
The productivity and flexibility increase in the two-factor authentication system.
The Two-Factor Authentication prevents the loss of trust.
Disadvantages of Two-Factor Authentication is that, it is time-consuming.
3. Multi-Factor authentication system: In this type of authentication, more than one
factor of authentication is needed. This gives better security to the user. Any type of
keylogger or phishing attack will not be possible in a Multi-Factor Authentication
system. This assures the user, that the information will not get stolen from them.
The advantages of Multi-Factor Authentication System are:
No risk of security.
2
NAQIB ULLAH KHAN | Lecturer Computer Science GPGC Bannu
�INFORMATION SECURITY BSCS 8TH
No information could get stolen.
No risk of any key-logger activity.
No risk of any data getting captured.
The disadvantages of Multi-Factor Authentication System are:
It is time-consuming.
it can rely on third parties
Objective of Authentication
The main objective of authentication is to allow authorized users to access the computer
and to deny access to the unauthorized users. Operating Systems generally
identifies/authenticates users using following 3 ways: Passwords, Physical
identification, and Biometrics. These are explained as following below.
i. Passwords:
Passwords verification is the most popular and commonly used authentication
technique. A password is a secret text that is supposed to be known only to a user. In
password based system, each user is assigned a valid username and password by the
system administrator.
System stores all username and Passwords. When a user logs in, its user name and
password is verified by comparing it with stored login name and password. If the
contents are same then the user is allowed to access the system otherwise it is rejected.
ii. Physical Identification :
This technique include machine readable badges(symbols), card or smart cards. In some
companies, badges are required for employees to gain access to the organization’s gate.
In many system, identification is combined with the use of password i.e the user must
insert the card and then supply his /her password. This kind of authentication is
commonly used with ATM. Smart card can enhance this scheme by keeping the user
password within the card itself. This allow the authentication without storage of
password in the computer system. The loss of such card can be dangerous.
3
NAQIB ULLAH KHAN | Lecturer Computer Science GPGC Bannu
�INFORMATION SECURITY BSCS 8TH
iii. Biometrics:
This method of authentication is based on the unique biological characteristics of each
user such as finger prints, voice or face recognition, signatures and eyes.
Biometric devices often consist of –
A scanner or other devices to gather the necessary data about user.
Software to convert the data into a form that can be compared and stored.
A database that stores information for all authorized users.
A number of different types of physical characteristics are –
a. Facial Characteristics –
Humans are differentiated on the basis of facial characteristics such as eyes, nose, lips,
eyebrows and chin shape.
b. Fingerprints –
Fingerprints are believed to he unique across the entire human population.
c. Hand Geometry –
Hand geometry systems identify features of hand that includes shape, length and width
of fingers.
d. Retinal pattern –
It is concerned with the detailed structure of the eye.
e. Signature –
Every individual has a unique style of handwriting, and this feature is reflected in the
signatures of a person.
f. Voice –
This method records the frequency pattern of the voice of an individual speaker.
iv. One Time passwords:
One-time passwords provide additional security along with normal authentication. In
One-Time Password system, a unique password is required every time user tries to login
into the system. Once a one-time password is used, then it cannot be used again. One-
time password is implemented in various ways. Some commercial applications send
one-time passwords to user on registered mobile/ email which is required to be entered
prior to login.
4
NAQIB ULLAH KHAN | Lecturer Computer Science GPGC Bannu
