Date of Award
Dissertation (Access Restricted)
Doctor of Philosophy
Authentication is considered as a safeguard against all types of illegal access to any computing device. Due to recent emerging security threats and compromises of password-based authentication services, authentication through a single factor is no longer reliable as protection for user identities. If the only factor is compromised or breached, users cannot access the service until the system is repaired. Hence, to facilitate a stronger protection of computing devices and other critical online services, MFA has become a viable option for users. MFA is a secure process of authentication that requires more than one authentication method to be chosen from independent categories of credentials. Many authentication mechanisms with varying degrees of accuracy and portability are available and supported by different types of computing devices and platforms. To satisfy this requirement, this research is focused on the design and implementation of an MFA framework to authenticate users efficiently through a subset of available authentication factors in a time-varying operating environment (device, medium, and surrounding conditions). This MFA framework selects the authentication factors adaptively by sensing the operating environment, and provides an optimized set of authentication factors to the users to verify their claimed identities. This research focuses on two parts, namely, formulation of trustworthy values for different authentication factors and developing a novel adaptive strategy to select different available authentication factors based on their trustworthy values, performance and previous selection history under same operating environment. Trustworthy values provide a metric to quantify different authentication factors in various settings of devices and media. A framework is proposed to measure the values, which incorporates the accuracy rates of these authentication factors. The selection algorithm is designed as a multi-objective optimization problem that maximizes the trustworthy values and performance of the authentication factors and minimizes the probability that the same set of authentication factor are going to be selected in the successive re-authentication events. The latter part ensures diversity in the selected authentication factors and leaves no recurring authentication patterns for intruders to exploit. The proposed A-MFA system is tested with several benchmark datasets to validate its effectiveness as a multi-factor authentication solution.
Dissertation or thesis originally submitted to the local University of Memphis Electronic Theses & dissertation (ETD) Repository.
Nag, Abhijit Kumar, "An Adaptive Approach Towards The Selection of Authentication Factors in Multi-factor Authentication (MFA) System" (2016). Electronic Theses and Dissertations. 2217.