The Community for Technology Leaders
Green Image
Issue No. 08 - August (2011 vol. 22)
ISSN: 1045-9219
pp: 1390-1397
Yang Xiang , Deakin University, Melbourne
Ashley Chonka , Deakin University, Geelong
Robert H. Deng , Singapore Management University, Singapore
Xinyi Huang , Singapore Management University, Singapore
Jianying Zhou , Institute for Infocomm Research, Singapore
ABSTRACT
As part of the security within distributed systems, various services and resources need protection from unauthorized use. Remote authentication is the most commonly used method to determine the identity of a remote client. This paper investigates a systematic approach for authenticating clients by three factors, namely password, smart card, and biometrics. A generic and secure framework is proposed to upgrade two-factor authentication to three-factor authentication. The conversion not only significantly improves the information assurance at low cost but also protects client privacy in distributed systems. In addition, our framework retains several practice-friendly properties of the underlying two-factor authentication, which we believe is of independent interest.
INDEX TERMS
Authentication, distributed systems, security, privacy, password, smart card, biometrics.
CITATION
Yang Xiang, Ashley Chonka, Robert H. Deng, Xinyi Huang, Jianying Zhou, "A Generic Framework for Three-Factor Authentication: Preserving Security and Privacy in Distributed Systems", IEEE Transactions on Parallel & Distributed Systems, vol. 22, no. , pp. 1390-1397, August 2011, doi:10.1109/TPDS.2010.206
109 ms
(Ver )