Authentication systems: principles and threats

Abstract

Identity manipulation is considered a serious security issue that has been enlarged with the spread of automated systems that could be accessed either locally or remotely. Availability, integrity, and confidentiality represent the basic requirements that should be granted for successful authentication systems. Personality verification has taken multiple forms depending on different possession types. They are divided into knowledge based, token based, and biometric based authentication. The permanent ownership to the human being has increased the chances of deploying biometrics based authentication in highly secure systems. It includes capturing the biological traits, which are physiological or behavioral, extracting the important features and comparing them to the previously stored features that belong to the claimed user. Various kinds of attacks aim to take down the basic requirements at multiple points. This paper describes different types of authentication along with their vulnerable points and threatening attacks. Then it provides more details about the biometric system structure as well as examples of distinguishing biological characteristics, organized by their locations. It shows the performance results of various biometric systems along with the deployed algorithms for different components.