Modern Methods, Software and Hardware to Authenticate the Users of Computer Systems and Networks

Abstract

The aim of the work is to review and analyze the existing methods, software and hardware for identifying and authenticating the users of computer systems and networks, and to define their promising development lines. The authentication methods and means used to control both local and remote access of users to computer resources are considered. Special attention is paid to multi-factor authentication in controlling remote access. The advantages and disadvantages of the considered methods and means in terms of ensuring reliable user authentication are noted. Despite the continuing widespread use of password authentication, its insufficient protection against password guessing attacks and password interceptions when the passwords are transmitted over the network urgently calls for a need of shifting to more reliable authentication methods. A version of local authentication is proposed that uses a handshake model based on a function specified in tabular form for calculating the response to a random request, which does not require the use of additional devices. Two methods for multi-factor authentication of users performing remote access are proposed: based on the knowledge of their interests and habits when working in the Internet and on the basis of a person whose image is transmitted to the authentication server in a one-time encrypted form (the encryption key is generated based on the user's private key and random admixture). These two solutions can be implemented using open source software and without involvement of third-party paid services. As a result of the performed analysis, the most effective methods and means for identification and authentication of users of various information systems have been defined. The obtained results can be used to enhance the security of computer systems and networks against unauthorized access to their resources. Ensuring the security of information and software systems is a must in improving the quality of such systems.