Dynamic Multi-Factor Security
Abstract
This thesis identifies the current limitations of electronic remote authentication systems and presents a new remote authentication system that addresses these limitations. Examples of these limitations can be easily observed in everyday life. Some more common examples include: credit card theft, identity theft, insurance fraud and hacking of private computer networks. Our proposed solution includes a multi-factor protocol which has two key features. First, it dynamically updates private ID numbers such that no two iterations of the authentication protocol use the same set if private IDs for each involved party, using a True Random Number Generator (TRNG). This prevents any unauthorized access of private information, and even if this information is compromised, the authentication protocol is not compromised, since the subsequent iteration of authentication uses new IDs. Second, the protocol uses multiple authentication factors (two in our implementation), to further enhance security. These additional authentication factors are also dynamically updated after each iteration of the protocol. The protocol was implemented in a system which simulates a credit card transaction, highlighting the usefulness of our protocol in real world remote authentication. We expect this new electronic remote authentication system to solve many of the current failings of modern electronic authentication schemes.
Citation
Leslie, John M; Dutta, Shayok; Amimeur, Amnay (2015). Dynamic Multi-Factor Security. Undergraduate Research Scholars Program. Available electronically from https : / /hdl .handle .net /1969 .1 /167834.