USING OF ADDITIONAL METHODS OF USER AUTHORIZATION

Authors

DOI:

https://doi.org/10.37943/AITU.2020.89.25.011

Keywords:

Internet, encryption key, certificate, authorization

Abstract

The article considers the methods of additional authorization of users of information systems, their advantages, and disadvantages, typical examples of usage. Multifactor authentication is becoming a standard tool for verifying the identity and access rights of information systems, from banking operations to access to enterprise databases. With the expansion of the spheres of use of various information systems, applications, and services, users of the systems get new opportunities, convenience, and mobility. But at the same time, there is a problem of secure and controlled access, authorization and identification of the user, confirmation of his authority. The options under consideration cannot be limited to service delivery alone: mechanisms could and should be used in various combinations. In addition to the analysis, experiments were carried out on implementing and testing additional authorization mechanisms, and feedback from end users was collected. Each of the methods was evaluated from many angles: ease of implementation, ease of use by the end user, availability, and adequacy of use. At the same time, there is no way to identify the optimal and universal method of additional authorization, since various service sectors have their own requirements for accessibility, reliability, and security. One can single out corporate services that provide data exchange, data processing or analytics, or remote management services industrial network management as the most promising areas for implementation. The authors analyzed the various methods most widely used in the security market, their capabilities, advantages, and disadvantages. The authors did not set the goal of nominating one selected mechanism as a priority; therefore, no recommendations are given to use a particular method.

Author Biographies

B. Sultanova, Karaganda Technical University

Candidate of Pedagogical Sciences, Professor of the Department of Information and Computing Systems

A. Chsherbov, Karaganda Technical University

Master student of the Department of Information Technology and Security

References

Комаров, А. (2008). Современные методы аутентификации: токен и это все о нем..!. T-Comm-Телекоммуникации и Транспорт, (6). [Электронный ресурс] // Режим доступа: https://www.aladdinrd.ru/company/pressroom/articles/sovremennye_metody_autentifikacii_token_i_eto_vse_o_nem

Скородумов, А. (2015). Многофакторная аутентификация – лучше меньше, да лучше, «Information Security/ Информационная безопасность», (6) [Электронный ресурс] // Режим доступа: http://lib.itsec.ru/articles2/Oborandteh/mnogofaktornaya-autentifikatsiya-luchshe-menshe--da-luchshe –Дата доступа 08.12.2020.

Многофакторная (двухфакторная) аутентификация, [Электронный ресурс] // Режим доступа: https://www.tadviser.ru/index.php/Статья: Многофакторная_(двухфакторная)_аутентификация – Дата доступа 08.12.2020.

Marty Puranik, What is Two-Factor Authentication? The Tip of the Security Spear, [Электронный ресурс] // Режим доступа: https://www.securitymagazine.com/articles/91974-what-is-two-factorauthentication-the-tip-of-the-security-spear, March 23, 2020 – Дата доступа 21.12.2020.

Abhishek Shah, Multi-factor authentication, [Электронный ресурс] // Режим доступа: https://www.khanacademy.org/computing/computers-and-internet/xcae6f4a7ff015e7d:online-data-security/xcae6f4a7ff015e7d:user-authentication-methods/a/multi-factor-authentication – Дата доступа 21.12.2020.

Ometov, A., Bezzateev, S., Mäkitalo, N., Andreev, S., Mikkonen, T., & Koucheryavy, Y. (2018). Multifactor authentication: A survey. Cryptography, 2(1), 1.

Богданов, Д.С., & Клюев, С.Г. (2020). Классификация и сравнительный анализ технологий многофакторной аутентификации в Веб-приложениях. Моделирование, оптимизация и информационные технологии, 8(1), 17-18. [Электронный ресурс] //

Misha Ketchell, Can I still be hacked with 2FA enabled?, [Электронный ресурс] // Режим доступа:

https://theconversation.com/can-i-still-be-hacked-with-2fa-enabled-144682, September 4, 2020, – Дата доступа 21.12.2020.

Misha Ketchell, Receiving a login code via SMS and email isn’t secure. Here’s what to use instead, [Электронный ресурс] // Режим доступа: https://theconversation.com/receiving-a-login-code-viasms-and-email-isnt-secure-heres-what-to-use-instead-112767, March 6, 2019, – Дата доступа 18.12.2020.

Mike Betsko, Multifactor authentication critical as workplaces get more connected, [Электронный ресурс]. 14, 2020, – Дата доступа 18.12.2020. David Hald, 8 reasons you should turn to multifactor authentication, [Электронный ресурс] // Режим доступа: https://techbeacon.com/security/8-reasons-you-should-turn-multi-factor-authentication, – Дата доступа 18.12.2020.

Downloads

Published

2020-12-30

How to Cite

Sultanova, B., & Chsherbov, A. (2020). USING OF ADDITIONAL METHODS OF USER AUTHORIZATION. Scientific Journal of Astana IT University, 4(4), 88–98. https://doi.org/10.37943/AITU.2020.89.25.011

Issue

Section

Information Technologies
betpas
pendik escort anadolu yakasi escort bostanci escort kadikoy escort kartal escort kurtkoy escort umraniye escort
maltepe escort ataşehir escort ataşehir escort ümraniye escort pendik escort kurtköy escort anadolu yakası escort üsküdar escort şerifali escort kartal escort gebze escort kadıköy escort bostancı escort göztepe escort kadıköy escort bostancı escort üsküdar escort ataşehir escort maltepe escort kurtköy escort anadolu yakası escort ataşehir escort beylikdüzü escort