Научный журнал Моделирование, оптимизация и информационные технологииThe scientific journal Modeling, Optimization and Information Technology
cетевое издание
issn 2310-6018

Сlassification and comparative analysis of technologies of multifactor authentication in Web applications

idBogdanov D.S. Klyuev S.G.  

UDC 004.056.53
DOI: 10.26102/2310-6018/2020.28.1.033

  • Abstract
  • List of references
  • About authors

The relevance of the study is due to the growing pace of the introduction of multi-factor authentication mechanisms in web applications, the popularization of web technologies, as well as the lack of specific standards in the Russian Federation that describe the operation of multi-factor authentication technologies and establish requirements for web applications that use this technology. The work discusses existing authentication technologies and protocols both in a general form and in terms of authentication in web applications, considers the sequential operation of HTTP 1.0, 1.1 standard protocols, and their advantages and disadvantages are noted. Combinations of authentication factors used in the development of multi-factor authentication mechanisms were considered and correlated with existing authentication protocols. Based on the study, a classification of multifactor authentication technologies in web applications was proposed. The purpose of this study is a general analysis of authentication methods used in web applications, a comparative analysis of authentication protocols in web applications, classification of multifactor authentication technologies in order to highlight the most significant parameters for authentication systems and protocols, and then determine the rationality of using multifactor authentication in one or another web application. The materials of the work are of theoretical value for further research in this area

1. Tarasov A.A., Kazarin O.V., Zapnechnikov S.V. Cryptographic Information Protection Methods. 1st ed. Moscow: Yurayt Publishing House; 2019. 309 p. (Higher education).

2. Gorbenko Y.I., Oleshko I.V. Models and methods for assessing the security of multi-factor authentication mechanisms. East European Journal of Advanced Technology. 2013;6(2):4- 10.

3. Two-factor authentication, which is convenient to use [Internet]. 2015. Available at: https://habr.com/en/company/yandex/blog/249547(accessed 06.02.2020).

4. An overview of authentication methods and protocols in web applications [Internet]. 2015. Available at: https://habr.com/ru/company/dataart/blog/262817 (accessed 07.02.2020).

5. Willis N. FreeOTP multi-factor authentication [LWN.net] [Internet]. 2014. Available at: https://lwn.net/Articles/581086/ (accessed 07.02.2020).

6. Stocker C. Google Authenticator for PHP [Internet]. 2019. Available at: https://github.com/chregu/GoogleAuthenticator.php (accessed 07.02.2020).

7. Jaskowski T. Google Authenticator for Python [Internet]. 2019. Available at: https://github.com/tadeck/onetimepass (accessed 07.02.2020).

Bogdanov Dmitriy Sergeevich

Email: bdkrdu@yandex.ru

ORCID |

Federal State-Funded Educational Institution of Higher Education "Krasnodar University of the Ministry of Internal Affairs of the Russian Federation"

Krasnodar, Russian Federation

Klyuev Stanislav Gennadievich
Candidate of Technical Sciences Associate Professor
Email: s.g.klyuev@mail.ru

Federal State-Funded Educational Institution of Higher Education "Krasnodar Higher Military School"

Krasnodar, Russian Federation

Keywords: multifactor authentication, web application, two-factor authentication, classification, authentication protocols

For citation: Bogdanov D.S. Klyuev S.G. Сlassification and comparative analysis of technologies of multifactor authentication in Web applications. Modeling, Optimization and Information Technology. 2020;8(1). Available from: https://moit.vivt.ru/wp-content/uploads/2020/02/BogdanovKluev_1_20_1.pdf DOI: 10.26102/2310-6018/2020.28.1.033 (In Russ).

135

Full text in PDF