Main Article Content
The relevance of research. Authentication is the process of confirming the authenticity of an object or subject of interaction in an information network by a presented identifier. Usually only one factor is used. However, most information security incidents occur due to the use of one factor. The easiest way to create an extra layer of security for accounts is to use two-factor authentication using 2FA programs. In this case, an additional step occurs, which increases the user authentication time and creates an additional load on the network. Thus, there is a need to create an additional layer of security for accounts in the “Active Directory” directory service without using an additional component on the target system and an additional step in the authentication process, thereby making the authentication process itself simpler and more responsive to the user. The purpose of the article is to develop a model of the two-factor authentication process, which will allow comparison of different approaches to its implementation. Research progress. The proposed model consists of three components: a system submodel, a threat submodel, and a security properties submodel. The analysis performed showed the advantages of using the PERT method for this problem. The simulation of the authentication process was carried out using a third-party service for checking the second factor (DUO) and the proposed method. The final PERT-diagrams are formed. A comparative analysis of these methods in terms of authentication speed was carried out. Conclusion. The developed model makes it possible to assess the quality of two-factor authentication by the selected parameter with a sufficient degree of accuracy. In particular, the proposed method showed more preferable results in terms of authentication speed compared to conventional methods.
(2021), Two-factor authentication, available at: http://www.aladdin- rd.ru/solutions/authentication.
(2021), Setting up two-factor authentication, available at: http://support.citrix.com/proddocs/topic/web-interface- impington/nl/ru/wi-configure-two-factor-authentication- gransden.html?locale=ru.
(2020), Seven Methods for Two-Factor Authentication, available at: http://www.infosecurityrussia.ru/news/29947.
(2020), Two-factor authentication for remote access, available at: http://itc.ua/articles/dvuhfaktornaya_autentifikaciya_pri_udalen nom_dostupe_23166.
Evseev S.P. and Korol, O.G. (2014), “Study of two-factor authentication methods”, Information processing systems, No. 2(118). pp. 81–87.
Belov, V.N. and Pushkova, K.S. (2017), “User account protection in modern gadgets”, Scientific trends: Issues of exact and technical sciences, 12 MC, MOAN, St. Petersburg, pp. 8-9.
Uskova, S.I. and Kamshilov, S.G. (2018), “Ensuring information security in the interaction of business entities with banking structures”, XVII All-Russian Scientific and Practical Conference of Students, Postgraduates and Young Scientists, ChGU, Chelyabinsk, Vol. 2, pp. 190-195.
Claudia, Ziegler, Acemyan, Philip, Kortum, Jeffrey, Xiong and Dan S., Wallach (2018), “2FA Might Be Secure, But It’s Not Usable: A Summative Usability Assessment of Google’s Two-factor Authentication (2FA) Methods”, Proceed-ings of the Human Factors and Ergonomics Society Annual Meeting, Vol 62, Issue 1, DOI: https://doi.org/10.1177/1541931218621262.
(2020), Methods Departments of Psychological Sciences1 and Computer Science, Rice University 6100 Main Street, MS-25, Houston, Texas 77005, USA.
Kulikova, O.V. (2010), “Methods and means of authentication in the tasks of ensuring information security in corpo-rate information systems”, Information technology security, Volume 17, No. 3, pp. 85-91.
Ivanova, A.S. and Gazizov ,A.R. (2018), “Methods of authentication and identification of information systems of edu-cational organizations” Scientific vector, Issue 4.
Chizhikov, Dmitry (2021), “Lecture 1: Introduction to Active Directory”, Microsoft Active Directory Implementation Methodology, available at: https://intuit.ru/studies/courses/1068/259/lecture/6608.
(2015), “Directory Service”, Information system administrator functions, available at: https://helpiks.org/5-87570.html.
Sermersheim, J. (2006), Lightweight Directory Access Protocol (LDAP): The Protocol, Ed. Novell, Inc., June 2006.
(2021), RFC4120, available at: https://datatracker.ietf.org/doc/html/rfc4120.
Derek, Simmel and Shane, Filus (2017), “Flexible Enforcement of Multi-factor Authentication with SSH via Linux-PAM for Federated Identity Users”, PEARC17: Proceedings of the Practice and Experience in Advanced Research Computing 2017 on Sustainability, Success and ImpactJuly 2017, Article 10, pp. 1–9, DOI: https://doi.org/10.1145/3093338.3093392.
Wenyi, Liu, Selcuk Uluagac, A. and Raheem, Beyah (2020), “MACA: A Privacy-Preserving Multi-factor Cloud Au-thentication System Utilizing Big Data”, The School of ECE Georgia Institute of Technology Atlanta, GT CAP Group, GA 30332, USA, available at: https://cap.ece.gatech.edu/papers/1569883983.pdf.
Jason, Bau and John C., Mitchell (2011), “Security Modeling and Analysis”, IEEE Security & Privacy, May-June 2011, Vol. 9, Is. 3, hh. 18-25, DOI: https://doi.org/10.1109/MSP.2011.2.
Fridlyanov, M.A. (2017), “Methods and techniques of project management in the sphere of industrial production”, Problems of market economy, No. 3, pp. 17–24.
Murtuzov, G.A. (2020), “Methods for determining the timing of construction”, Alley of Science, No. 5 (44), available at: https://alley-science.ru/domains_data/files/4May2020/METODY%20OPREDELENIYa%20SROKOV%20STROITELSTVA.pdf
Antonova, A.S. and Aksenov, K.A. (2014), “Comparative analysis of subcontracting work planning methods”, Modern problems of science and education, No. 3, pp. 88-97, available at: https://science-education.ru/ru/article/view?id=13388.
Panfilova, T.A. (2017), Stochastic adaptive algorithms for improving software, diss … cand. tech. sciences: 05.13.01 Krasnoyarsk, 160 p.
(2021), Method GERT, available at: http://www.topknowledge.ru/investmen/3187-metod-gert.html&sa=D&source=docs&ust=1638475515309000&usg=AOvVaw1Yhcjwrn-h7852e944lhZR