[taler-anastasis] branch master updated: modified related work
From: gnunet
Subject: [taler-anastasis] branch master updated: modified related work
Date: Tue, 02 Jun 2020 19:59:37 +0200
This is an automated email from the git hooks/post-receive script.
dennis-neufeld pushed a commit to branch master
in repository anastasis.
The following commit(s) were added to refs/heads/master by this push:
new de113f6 modified related work
de113f6 is described below
commit de113f6b7a32e04a26451d40b26eed9b674267b7
Author: Dennis Neufeld <dennis.neufeld@students.bfh.ch>
AuthorDate: Tue Jun 2 17:59:29 2020 +0000
modified related work
---
doc/thesis/related_work.tex | 23 ++++++++++++++++-------
1 file changed, 16 insertions(+), 7 deletions(-)
diff --git a/doc/thesis/related_work.tex b/doc/thesis/related_work.tex
index d5919bb..f754851 100644
--- a/doc/thesis/related_work.tex
+++ b/doc/thesis/related_work.tex
@@ -76,19 +76,28 @@ The security of MIDATA as described in "Patient empowerment
in IoT for eHealth -
\subsection{Authentication}
-Anastasis is designed to use a wide range of authentication methods to
authenticate its users. There are several authentication methods available, a
short overview of the methods is presented here.
+To build a secure authentication procedure, today multi-factor authentication
is the standard \cite{multifactor_authentication}. A single authentication
method by itself is usually highly vulnerable. But multi-factor authentication
combines multiple authentication procedures to enhance the security of the
system. \\
+Anastasis is designed to use a wide range of authentication methods to
authenticate its users. Even though the user in Anastasis is free to specify
only one authentication method, we strongly recommend the use of multi-factor
authentication. A short overview of the possible methods is presented here.
\subsubsection{Password authentication}
-Password authentication is the most widely used authentication procedure. But
as studies show the procedure has its problems
\cite{authentication_methods_review}. The handling of the passwords is done
poorly, like storage or transmission. Additionally, the user must remember his
password, therefore the password is limited to the capabilities of the user.
+Password authentication is the most widely used authentication procedure. But
as studies show the procedure has its drawbacks
\cite{authentication_methods_review}. For example the handling of the
passwords, like storage or transmission, often is done poorly. Another problem
is that the user must remember his password. Therefore the password is limited
to the capabilities of the user to remember it. Thus people tend to use
passwords with low entropy. Those passwords are vulnerable to brut [...]
+Because passwords can be forgotten, we do not recommend using this method in
Anastasis, even though we want to offer the option to use it. If someone wants
to use a password anyway, then he must make sure that the password cannot be
forgotten, even if it means that the password has low entropy. Of course, this
requires that additional factors are part of the authentication process.
+
+\subsubsection{Secure question}
+Similar to password authentication the use of an authentication method based
on a secure question requires the user to remember the correct answer to the
specific question. The difference here is that the question provides a context
that helps the user to remember the answer and the user does not need to
memorize something new \cite{just2004}.\\
+
\subsubsection{SMS authentication}
-Another way to authenticate is SMS authentication. The most popular use case
is the mobile TAN used to authorize online banking transactions. But SMS is no
longer considered secure. The SMS authentication relies on the security of the
mobile network, which has different possible attacks \cite{rieck_detection}.
There are also specialized mobile Trojans which are used to eavesdrop these
messages.\\
-Instead of using SMS one can also use other forms of messages such as email or
physical mail. They all face the threat of interception.
+Another way to authenticate is SMS authentication. The most popular use case
is the mobile TAN used to authorize online banking transactions. But SMS is no
longer considered secure. The SMS authentication relies on the security of the
mobile network, which has different possible attacks \cite{rieck_detection}.
There are also specialized mobile Trojans which are used to eavesdrop these
messages directly on the mobile device.\\
+Instead of using SMS one can also use other forms of messages such as email or
physical mail. They all face the threat of interception.
+
+\subsubsection{Mail authentication}
+
+\subsubsection{Videoindent}
+
+\subsubsection{Postident}
\subsubsection{Biometric authentication}
Another way of authenticating is the biometric approach \cite{biometric_auth}.
Biometric authentication is based on "something you are", like your iris or
your fingerprint. There are also threats against biometric authentication.
There are documented attacks against fingerprint and iris scan authentication.
For example, a member of the German CCC e.V. was able to generate replicas from
Angela Merkel's iris and Ursula von der Leyen's fingerprint \cite{ccc_merkel}.
-\subsubsection{Multi-factor authentication}
-To build a secure authentication procedure, today multi-factor authentication
is the standard \cite{multifactor_authentication}. Multi-factor authentication
combines multiple authentication procedures, to enhance the security of the
system. For Anastasis we are building a multi-factor authentication system,
which combines a wide range of authentication methods to provide authenticity.
-
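Review bot: the three subsubsections added after the SMS paragraph (Mail authentication, Videoindent, Postident) have no body, and "Videoindent" is misspelled; it should read "Videoident", matching "Postident". Either write the text or leave the headings out until it exists. The SMS paragraph directly above already covers email and physical mail, so a separate mail subsection will duplicate it unless that sentence moves there. The new "Secure question" paragraph states only the advantage of the method, while the neighbouring subsections each name a threat; one sentence on its weakness would keep the overview consistent. That paragraph also ends in \\ directly before a blank line, which produces an underfull hbox warning; drop the \\ and let the blank line end the paragraph. The diffstat shows only related_work.tex changed while \cite{just2004} is new in this hunk, so check that the key already exists in the bibliography.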
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.