Cargando…
Usable comprehensive-factor authentication for a secure time attendance system
In information security, it is widely accepted that the more authentication factors are used, the higher the security level. However, more factors cannot guarantee usability in real usage because human and other non-technical factors are involved. This paper proposes the use of all possible authenti...
| Autores principales: | , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
PeerJ Inc.
2021
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8384039/ https://www.ncbi.nlm.nih.gov/pubmed/34497871 http://dx.doi.org/10.7717/peerj-cs.678 |
| _version_ | 1783741843785121792 |
|---|---|
| author | Vorakulpipat, Chalee Pichetjamroen, Sasakorn Rattanalerdnusorn, Ekkachan |
| author_facet | Vorakulpipat, Chalee Pichetjamroen, Sasakorn Rattanalerdnusorn, Ekkachan |
| author_sort | Vorakulpipat, Chalee |
| collection | PubMed |
| description | In information security, it is widely accepted that the more authentication factors are used, the higher the security level. However, more factors cannot guarantee usability in real usage because human and other non-technical factors are involved. This paper proposes the use of all possible authentication factors, called comprehensive-factor authentication, which can maintain the required security level and usability in real-world implementation. A case study of an implementation of a secure time attendance system that applies this approach is presented. The contribution of this paper is therefore to provide a security scheme seamlessly integrating all classical authentication factors plus a location factor into one single system in a real environment with a security and usability focus. Usability factors emerging from the study are related to a seamless process including the least number of actions required, the lowest amount of time taken, health safety during the pandemic, and data privacy compliance. |
| format | Online Article Text |
| id | pubmed-8384039 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2021 |
| publisher | PeerJ Inc. |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-83840392021-09-07 Usable comprehensive-factor authentication for a secure time attendance system Vorakulpipat, Chalee Pichetjamroen, Sasakorn Rattanalerdnusorn, Ekkachan PeerJ Comput Sci Mobile and Ubiquitous Computing In information security, it is widely accepted that the more authentication factors are used, the higher the security level. However, more factors cannot guarantee usability in real usage because human and other non-technical factors are involved. This paper proposes the use of all possible authentication factors, called comprehensive-factor authentication, which can maintain the required security level and usability in real-world implementation. A case study of an implementation of a secure time attendance system that applies this approach is presented. The contribution of this paper is therefore to provide a security scheme seamlessly integrating all classical authentication factors plus a location factor into one single system in a real environment with a security and usability focus. Usability factors emerging from the study are related to a seamless process including the least number of actions required, the lowest amount of time taken, health safety during the pandemic, and data privacy compliance. PeerJ Inc. 2021-08-16 /pmc/articles/PMC8384039/ /pubmed/34497871 http://dx.doi.org/10.7717/peerj-cs.678 Text en © 2021 Vorakulpipat et al. https://creativecommons.org/licenses/by/4.0/This is an open access article distributed under the terms of the Creative Commons Attribution License (https://creativecommons.org/licenses/by/4.0/) , which permits unrestricted use, distribution, reproduction and adaptation in any medium and for any purpose provided that it is properly attributed. For attribution, the original author(s), title, publication source (PeerJ Computer Science) and either DOI or URL of the article must be cited. |
| spellingShingle | Mobile and Ubiquitous Computing Vorakulpipat, Chalee Pichetjamroen, Sasakorn Rattanalerdnusorn, Ekkachan Usable comprehensive-factor authentication for a secure time attendance system |
| title | Usable comprehensive-factor authentication for a secure time attendance system |
| title_full | Usable comprehensive-factor authentication for a secure time attendance system |
| title_fullStr | Usable comprehensive-factor authentication for a secure time attendance system |
| title_full_unstemmed | Usable comprehensive-factor authentication for a secure time attendance system |
| title_short | Usable comprehensive-factor authentication for a secure time attendance system |
| title_sort | usable comprehensive-factor authentication for a secure time attendance system |
| topic | Mobile and Ubiquitous Computing |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8384039/ https://www.ncbi.nlm.nih.gov/pubmed/34497871 http://dx.doi.org/10.7717/peerj-cs.678 |
| work_keys_str_mv | AT vorakulpipatchalee usablecomprehensivefactorauthenticationforasecuretimeattendancesystem AT pichetjamroensasakorn usablecomprehensivefactorauthenticationforasecuretimeattendancesystem AT rattanalerdnusornekkachan usablecomprehensivefactorauthenticationforasecuretimeattendancesystem |