Scientific paper ID 2065 : 2021/1
METHOD FOR PROVIDING TWO-FACTOR AUTHENTICATION IN OPERATING SYSTEMS WORKING WITH AUTHENTICATION SERVICES WITH CENTRALIZED ACCOUNT DATABASES IN TELECOMMUNICATION NETWORKS
Bohdan Rezanov1, Galina Cherneva2, Maksym Bartosh1
During the research, method for providing two-factor authentication in operating systems working with authentication services with centralized account databases in telecommunication networks
The work is dedicated to the development of a method for integrating two-factor authentication into operating systems by integrating the second factor into a centralized account database.
The work describes the scheme of an authentication process that uses an additional component, the high-level scheme of interaction of the system modules that implement the proposed method, the sequence diagram of module interaction during user registration, and the authentication process using the proposed method.
The method is based on injecting the OTP directly into the authentication service with a centralized account database.
The developed system consists of 9 interconnected modules, of which 7 relate directly to the system and 2 are additional blocks (user and services).
In the proposed method, the authentication process has been improved by integrating the second factor into an authentication service with a centralized account database. This improvement made it possible to achieve universality, shorten the authentication time, and make compromising the first factor inexpedient.
The proposed method has no additional segment (a service for checking the second factor).
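The idea of checking both factors inside the account service itself, with no separate second-factor service, can be sketched as follows. This is an added example, not code from the paper: the in-memory `Directory` class, the "password followed by a 6-digit OTP" credential format, and all names and sample values are assumptions made for illustration, with the OTP computed as TOTP per RFC 6238.

```python
import base64, hashlib, hmac, struct

# Constructed sample: the RFC 6238 test key "12345678901234567890" in Base32.
SAMPLE_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"

def totp(secret_b32, t, step=30, digits=6):
    """RFC 6238 TOTP (HMAC-SHA1) for Unix time t."""
    key = base64.b32decode(secret_b32)
    mac = hmac.new(key, struct.pack(">Q", int(t) // step), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def pw_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Directory:
    """Toy centralized account database: both factors live in one entry."""
    def __init__(self):
        self.entries = {}

    def register(self, dn, password, secret_b32, salt=b"constructed-salt"):
        self.entries[dn] = {"salt": salt, "pw": pw_hash(password, salt),
                            "otp_secret": secret_b32, "last_step": -1}

    def bind(self, dn, credential, now, step=30, window=1):
        """Single bind call; credential = password + 6-digit OTP (assumed format)."""
        entry = self.entries.get(dn)
        if entry is None or len(credential) <= 6:
            return False
        password, otp = credential[:-6], credential[-6:]
        pw_ok = hmac.compare_digest(pw_hash(password, entry["salt"]), entry["pw"])
        current, matched = int(now) // step, None
        # Accept a small clock-drift window around the current time step.
        for s in range(max(0, current - window), current + window + 1):
            expected = totp(entry["otp_secret"], s * step, step)
            if hmac.compare_digest(expected.encode(), otp.encode()):
                matched = s
        # Both factors must pass, and an already-used time step is rejected (replay).
        if not pw_ok or matched is None or matched <= entry["last_step"]:
            return False
        entry["last_step"] = matched
        return True
```

Because the client still sends one credential in one bind, any service that already authenticates against the directory gets the second factor without changes on its side; a stolen password alone no longer produces a successful bind.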
Keywords: two-factor authentication, Active Directory, LDAP, MFA, operating system, telecommunication network