Existing authentication methods are reviewed, the comparative analysis of them is carried out. Based on the specifics of the protected system, a number of requirements for the authentication mechanism being developed are defined. Two-factor authentication method with electronic key, which represents electronic carrier, obtaining some hardware characteristics that also act as an additional authentication factor, with a secret recorded on it, and one-time six-digit password, transmitted to the user’s mobile device via an SMS-channel, is proposed. The selection and further configuration of the infrastructure for authentication system software implementation is carried out, and realization of obtained algorithm is held. Authentication system architecture, which is embodied in the form of a client-server application, is introduced. As a result, software solution, which increases the security of user access to the cloud service, is received. Two-factor authentication system improvement activities are proposed as a part of further optimization. The prospects for further development of the software product are considered.

Authors: V. D. Sergeev, R. R. Fatkieva

Direction: Informatics and Computer Technologies

Keywords: Authentication system, two-factor authentication, dongle, one-time password, digital certificate, SMS-channel

View full article