Litcius/Paper detail

A Microservices and Blockchain Based One Time Password (MBB-OTP) Protocol for Security-Enhanced Authentication

Alessio Catalfamo, Armando Ruggeri, Antonio Celesti, Maria Fazio, Massimo Villari

20212021 IEEE Symposium on Computers and Communications (ISCC)17 citationsDOI

Abstract

Nowadays, the increasing complexity of digital applications for social and business activities has required more and more advanced mechanisms to prove the identity of subjects like those based on the Two-Factor Authentication (2FA). Such an approach improves the typical authentication paradigm but it has still some weaknesses. Specifically, it has to deal with the disadvantages of a centralized architecture causing several security threats like denial of service (DoS) and man-in-the-middle (MITM). In fact, an attacker who succeeds in violating the central authentication server could be able to impersonate an authorized user or block the whole service. This work advances the state of art of 2FA solutions by proposing a decentralized Microservices and Blockchain Based One Time Password (MBB-OTP) protocol for security-enhanced authentication able to mitigate the aforementioned threats and to fit different application scenarios. Experiments prove the goodness of our MBB-OTP protocol considering both private and public Blockchain configurations.

Topics & Concepts

Computer scienceComputer securityAuthentication protocolAuthentication (law)PasswordOne-time passwordDenial-of-service attackMicroservicesProtocol (science)Multi-factor authenticationComputer networkCloud computingOperating systemThe InternetAlternative medicinePathologyMedicineSoftware System Performance and ReliabilityNetwork Security and Intrusion DetectionAdvanced Malware Detection Techniques