Culminating Project Title
Date of Award
Culminating Project Type
Information Assurance: M.S.
Information Assurance and Information Systems
Herberger School of Business
Abdullah Abu Hussein
Jie Hu Meichsner
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.
Keywords and Subject Headings
Adaptive Multi-Factor Authentication, One-Time Password, Bio-metrics, Security, Authentication, Integrity, Threat, Situational Awareness.
Multifactor authentication (MFA) is getting increasingly more popular to safeguard systems from unauthorized users access. Adaptive Multi-Factor Authentication (A-MFA) is an enhanced version of MFA that provides a method to allow legitimate users to access a system using different factors that are changing based on different considerations. In other words, authentication factors include passwords, biometrics among others are adaptively selected by the authentication system based on criteria (e.g., whether the user is trying to log in from within system boundary, or whether or not the user is trying to access during organization operating hours). The criteria (i.e. triggering events) that A-MFA uses to select authentication factors adaptively are usually pre-defined and hard-coded in the authentication system itself. In this paper, the graphical user interface application is designed to add more resiliency to the existing Adaptive Multi-Factor Authentication (A-MFA) method by enabling system administrators to rank the triggering criteria based on the users’ roles, system assets, tolerance to risks, etc. The proposed tool allows system administrators to determine when to tighten and soften user access to the system. The tool uses multiple criteria decision making (MCDM) method to allow system admins to access the trustworthiness of user. Based on the trustworthiness of the user, the tool selects the number and complexity of the authentication methods. This tool will help to utilize the systems administrator situational awareness to improve security. This work aims to preserve the AMFA strengths and at the same time give system administrators more flexibility and authority in controlling access to systems.
Phan, Kim, "Implementing Resiliency of Adaptive Multi-Factor Authentication Systems" (2018). Culminating Projects in Information Assurance. 65.