Two-Factor Authentication Model
Abstract
The main objective of this paper is the development of a model that allows the authentication of a user for access control using the Two-Factor Authentication model. For the development of such a model we present a secure two-factor authentication (TFA) scheme based on the user's possession of a password and a cryptographically capable device. The security of this model is end-to-end in the sense that whoever wants to access in a fraudulent way is going to find it difficult and thus guarantee the security of the user of the system, the algorithm used was Cryptographic Networks, which is a double authentication model. Also the programming language cakephp 4.0 was used, in addition to using the visual studio code program to perform the algorithms required for the double authentication model to work.
Downloads
References
"Facial Expression Recognition Using Machine Learning Techniques", International Journal of Advance Engineering and Research Development, vol. 1, n.º 06, junio de 2020. Accedido el 17 de noviembre de 2022. [En línea]. Disponible: https://doi.org/10.21090/ijaerd.010633
FIDO Universal 2nd Factor. https://www.yubico.com/
Shirvanian, M., Jarecki, S., Saxena, N., Nathan, N.: Two-factor authentication resilient to server compromise using mix-bandwidth devices. In: Network & Distributed System Security Symposium (2014)
Google Authenticator Android app. https://goo.gl/Q4LU7k
"OpenCV: OpenCV modules". OpenCV documentation index. https://docs.opencv.org/4.x/ (accedido el 17 de noviembre de 2022).
S. Nagaraju and L. Parthiban, “Trusted framework for onlinebanking in public cloud using multi-factor authentication and privacy protection gateway,” Journal of Cloud Computing, vol. 4, no. 1, pp. 1–23, 2015.
M. Olalere, M. Taufik Abdullah, R. Mahmod, and A. Abdullah, “Bring your own device: security challenges and
A theoretical framework for two-factor Authentication,” Inaternational Journal of Computer Networks and Communications Security, vol. 4, no. 1, pp. 21–32, 2016, http://www.ijcncs.org.
O. Niel y P. Bastard, "Artificial Intelligence in Nephrology: Core Concepts, Clinical Applications, and Perspectives", American Journal of Kidney Diseases, vol. 74, n.º 6, pp. 803–810, diciembre de 2019. Accedido el 17 de noviembre de 2022. [En línea]. Disponible: https://doi.org/10.1053/j.ajkd.2019.05.020
T. Walsh, "The troubling future for facial recognition software", Communications of the ACM, vol. 65, n.º 3, pp. 35–36, marzo de 2022. Accedido el 15 de noviembre de 2022. [En línea]. Disponible: https://doi.org/10.1145/3474096
TOTP: Time-Based One-Time Password Algorithm. https://goo.gl/9Ba5hv
S. Latifi, Ed., 17th International Conference on Information Technology–New Generations (ITNG 2020). Cham: Springer International Publishing, 2020. Accedido el 17 de noviembre de 2022. [En línea]. Disponible: https://doi.org/10.1007/978-3-030-43020-7
S. K. Shammi, S. Sultana, M. S. Islam y A. Chakrabarty, "Low Latency Image Processing of Transportation System Using Parallel Processing co-incident Multithreading (PPcM)", en 2018 Joint 7th International Conference on Informatics, Electronics & Vision (ICIEV) and 2018 2nd International Conference on Imaging, Vision & Pattern Recognition (icIVPR), Kitakyushu, Japan, 25–29 de junio de 2018. IEEE, 2018. Accedido el 17 de noviembre de 2022. [En línea]. Disponible: https://doi.org/10.1109/iciev.2018.8640957
Kaur, S., Kaur, G., & Shabaz, M. (2022). A Secure Two-Factor Authentication Framework in Cloud Computing. Security and Communication Networks, 2022. https://doi.org/10.1155/2022/7540891
RFC 4226 HOTP: An HMAC-based One-Time Password Algorithm (2005). https://goo.gl/wxHBvT
I. Sluganovic, M. Roeschlin, K. B. Rasmussen y I. Martinovic, "Analysis of Reflexive Eye Movements for Fast Replay-Resistant Biometric Authentication", ACM Transactions on Privacy and Security, vol. 22, n.º 1, pp. 1–30, enero de 2019. Accedido el 17 de noviembre de 2022. [En línea]. Disponible: https://doi.org/10.1145/3281745
L. Monastyrskii, V. Lozynskii, Y. Boyko y B. Sokolovskii, "Fingerprint recognition in inexpensive biometric system", Electronics and Information Technologies, vol. 9, 2018. Accedido el 17 de noviembre de 2022. [En línea]. Disponible: https://doi.org/10.30970/eli.9.120
A. Ometov, S. Bezzateev, N. Makitalo, S. Andreev, ¨T. Mikkonen, and Y. Koucheryavy, “Multi-factor authentication: a survey,” Cryptography, vol. 2, no. 1, pp. 1–31, 2018
H. AYDIN, "The Importance of Cyber Security in Management Information Systems (MIS)", Bilgisayar Bilimleri ve Teknolojileri Dergisi, octubre de 2022. Accedido el 17 de noviembre de 2022. [En línea]. Disponible: https://doi.org/10.54047/bibted.1138252
M. Meroni, F. Waldner, L. Seguini, H. Kerdiles y F. Rembold, "Yield forecasting with machine learning and small data: What gains for grains?", Agricultural and Forest Meteorology, vol. 308-309, p. 108555, octubre de 2021. Accedido el 17 de noviembre de 2022. [En línea]. Disponible: https://doi.org/10.1016/j.agrformet.2021.108555
M. S. Bouzakraoui, A. Sadiq y A. Y. Alaoui, "Customer Satisfaction Recognition Based on Facial Expression and Machine Learning Techniques", Advances in Science, Technology and Engineering Systems Journal, vol. 5, n.º 4, p. 594, agosto de 2020. Accedido el 17 de noviembre de 2022. [En línea]. Disponible: https://doi.org/10.25046/aj050470
A. Bazaga, N. Gunwant y G. Micklem, "Translating synthetic natural language to database queries with a polyglot deep learning framework", Scientific Reports, vol. 11, n.º 1, septiembre de 2021. Accedido el 17 de noviembre de 2022. [En línea]. Disponible: https://doi.org/10.1038/s41598-021-98019-3
B. Liu et al., "Unsupervised Deep Learning for Random Noise Attenuation of Seismic Data", IEEE Geoscience and Remote Sensing Letters, pp. 1–5, 2021. Accedido el 17 de noviembre de 2022. [En línea]. Disponible: https://doi.org/10.1109/lgrs.2021.3057631
J. Han, E. Shihab, Z. Wan, S. Deng y X. Xia, "What do Programmers Discuss about Deep Learning Frameworks", Empirical Software Engineering, vol. 25, n.º 4, pp. 2694–2747, abril de 2020. Accedido el 17 de noviembre de 2022. [En línea]. Disponible: https://doi.org/10.1007/s10664-020-09819-6
Kaur, S., Kaur, G., & Shabaz, M. (2022). A Secure Two-Factor Authentication Framework in Cloud Computing. Security and Communication Networks, 2022. https://doi.org/10.1155/2022/7540891
Copyright (c) 2023 Innovation and Software
This work is licensed under a Creative Commons Attribution 4.0 International License.
The authors exclusively grant the right to publish their article to the Innovation and Software Journal, which may formally edit or modify the approved text to comply with their own editorial standards and with universal grammatical standards, prior to publication; Likewise, our journal may translate the approved manuscripts into as many languages as it deems necessary and disseminates them in several countries, always giving public recognition to the author or authors of the research.
