Securing Remote Access to Information Systems of Critical Infrastructure Using Two-Factor Authentication

Rasa Bruzgiene,Konstantinas Jurgilas

doi:10.3390/electronics10151819

Abstract

Information systems of critical infrastructure provide services on which the core functions of a state and its economy depend as well as welfare of society. Such systems are becoming an increasingly common target for crimes and attacks in cyberspace, as their vulnerabilities can be exploited for malicious activities seeking financial or political gain. One of the main reasons that threatens the security of these systems is the weak control of remote access, otherwise defined as management of a system’s user identity. Management of user identity depends on user authentication, authorization and the assignment of certain rights in the digital space. This paper provides the proposed two-factor (2FA) digital authentication method for remote access to an information system of a critical infrastructure. Results of testing the method’s usability and resilience to cyber threats have shown that the system, in which the method was implemented, is protected from dangerous HTTP requests and publicly available system’s endpoints are protected from threatening inputs that could cause malicious activities on the critical infrastructure. Additionally, the implementation of the authentication API application ensures the rapidity of the method for less than 500 ms for 100 users working in parallel with the system at the same time.

Highlights

This paper provides the proposed two-factor (2FA) digital authentication method for remote access to an information system of a critical infrastructure
Information systems of critical infrastructure are consisting of hardware and software that together provide certain core functions and services the disruption of which could cause significant damage to national security, stability of economics or human health and well-being [1]
Society is dependent on the provision of these services and any disruption to it can result failures of services ranging from short-term disruptions to serious and dangerous disasters impacting whole operation of critical infrastructure

Summary

Introduction

Information systems of critical infrastructure are consisting of hardware and software that together provide certain core functions and services the disruption of which could cause significant damage to national security, stability of economics or human health and well-being [1]. In 2019, warnings that cyber threats pose a risk to public welfare, security and prosperity were published in National Intelligence Strategy Report of United States [3] Those warnings were related with the fact that information technologies are inseparable from critical infrastructures and widely used by society [1]. When cyber criminals gain access to the information systems of the critical infrastructure, the consequences of attacks can cause a lot of damage as well can be very harmful to society. On the basis of that, one Electronics 2021, 10, 1819 of the most important security objectives is to ensure that only authorized persons can remotely access the systems of critical infrastructure and control the operation of it.

State-of-the-Art in Authentication Methods

Proposed 2FA Authentication Method

Testing Scenario

Testing Setup

Conclusions