Special Offers
- IGI Global’s New Emerging Topic e-Book Collections
  Acquire highly focused and affordable Cutting-Edge Peer-Reviewed Research Content through a selection of 17 topic-focused e-Book Collections discounted up to 90%, compared to list prices. Collection topics include Artificial Intelligence, Data Science, Language Learning, Marketing and Customer Relations, Sustainability, and many more. Hosted on the InfoSci^® platform, these collections feature no DRM, no additional cost for multi-user licensing, no embargo of content, full-text PDF & HTML format, and more.
  Learn More
- Open Access Book (Free Access) - Encyclopedia of Information Science and Technology, Sixth Edition (ISBN: 9781668473665)
  The Encyclopedia of Information Science and Technology, Sixth Edition) continues the legacy set forth by the first five editions by providing comprehensive coverage and up-to-date definitions of the most important issues, concepts, and trends pertaining to technological advancements and information management within a variety of settings and industries. The entire book is being published under open access.
  Read Now
- Open Access Book (Free Access) - Food Sustainability, Environmental Awareness, and Adaptation and Mitigation Strategies for Developing Countries (ISBN: 9781668456293)
  Food Sustainability, Environmental Awareness, and Adaptation and Mitigation Strategies for Developing Countries provides information on the recent technology, mitigation, and environmental protection that must be applied for food sustainability in developing countries. This book is being published under Platinum Open Access through funding from Diponegoro University, Indonesia.
  Read Now
- Open Access Book (Free Access) - New Models of Higher Education: Unbundled, Rebundled, Customized, and DIY (ISBN: 9781668438091)
  The Walmart Corporation and the Lumina Foundation have provided funding to make New Models of Higher Education: Unbundled, Rebundled, Customized, and DIY fully open access, completely removing any paywall between scholars in education and the latest research on new models for the future of higher education.
  Read Now
- Open Access Book (Free Access) - Handbook of Research on the Global View of Open Access and Scholarly Communications (ISBN: 9781799898054)
  Through a collaboration between IGI Global and the University of North Texas, the Handbook of Research on the Global View of Open Access and Scholarly Communications has been published as fully open access, completely removing any paywall between researchers of any field, and the latest research on the equitable and inclusive nature of Open Access and all of its complications.
  Read Now
Books
- - Books by Subject
  - Business, Administration, & Management
  - Scientific, Technical, & Medical (STM)
  - Education
  - Books by Field
Journals
- - Journals
  - OnDemand Journal Articles
  - Journals by Subject
  - Business, Administration, & Management
  - Scientific, Technical, & Medical (STM)
  - Education
  - Journals by Field
e-Collections
OnDemand
Open Access
- View All Open Access Opportunities
  Search across all of IGI Global’s available open access publishing opportunities to unleash your research potential.
  Find an Open Access Journal for Your Next Manuscript
  Search across all of IGI Global’s available open access publishing opportunities to unleash your research potential.
  Submit an Open Access Book Proposal
  Learn more about open access book publishing and how it can propel your research forward in the field.
  Convert Your Work to Open Access
  Already published? You can convert your work to open access to increase its impact through IGI Global’s Restrospective Open Access Program.
  Utilize Open Access Collection Database
  Open up your research potential by utilizing our open access content or integrating the open access collection into your library
  Consider Open Access Agreements
  For Libraries: consider no-cost or investment-level open access agreements with IGI Global to support your faculty's research endeavors.
  Search Funding Resources
  Looking for additional funding resources to support your open accesss endeavors? View industry resources compiled by our open access team.
  Review Open Access Policies & Ethical Guidelines
  Considering IGI Global to publish your work under open access? Review IGI Global’s open access policies and ethical guidelines
Publish with Us
Resources
- - Instructors
  - Course Adoption
  - Teaching Cases
  - K-12 Online Learning Collection
  - Authors and Editors
  - eEditorial Discovery^® System
  - Peer Review Process
  - Ethics and Malpractice
  - COPE Membership
  - Fair Use Policy
  - Open Access Publishing
  - FAQ
Catalogs
About Us

An Expert Panel Approach on Developing a Unified System Authentication Benchmarking Index

Herbert J. Mattord, Yair Levy, Steven Furnell

Source Title: International Journal of Interdisciplinary Telecommunications and Networking (IJITN) 5(2)

DOI: 10.4018/jitn.2013040103

OnDemand:

(Individual Articles)

Available

$37.50

Current Special Offers

No Current Special Offers

Abstract

Network-based applications still rely heavily on password-based authentication methods to control access. In a recent study, a benchmarking instrument was used to assess authentication methods used in such systems. The authors’ instrument was built on an extensive literature foundation and was validated with an expert panel assessment. This paper reports on the development of the instrument and the expert panel assessment. The initial draft of the instrument was derived from literature to assess 1) password strength requirements, 2) password usage methods, and 3) password reset requirements. Criteria within the index were evaluated by an expert panel, who also provided opinions on the relative weights of the criteria and measures. The expert panel results were analyzed using Multi-Criteria Decision Analysis (MCDA) techniques. Their results revealed that out of 100% allocation, Password Strength Measure (PSM) was the dominant factor in the aggregated perception of the panel of experts with weight of 43.1%, followed by Password Initialization and Reset Measure (PIRM) with weight of 29.2%, and Password Usage Measure (PUM) with weight of 27.7%. They concluded with discussions on how criteria were assembled, how the panel was conducted, and results from the panel. The results reported include the relative weights of the three measures within the unified system authentication benchmarking index.

Article Preview

Top

Theorethical Background

Access control includes those methods that are specified by systems to govern the identification, authentication, authorization, and accountability of systems users (Firesmith, 2003). An authentication method is one that validates a proposed user’s identity so as to allow a system to discriminate between valid and invalid identities (Clarke et al., 2008; Sandhu & Samarati, 1996). Authorization is the process used by a system to grant specific permissions to use system features based on the authenticated identity of a user (Sandhu et al., 1996). Accountability, sometimes called security auditing, is the means by which a system records its actions for later analysis (Firesmith, 2003). For example, a firewall control, implemented in a hardware appliance, will often record all access attempts and the results of each of those attempts in a system log file. That log file can later be evaluated for auditing purposes.

An authentication method is a technique used by a system to perform authentication of potential users in order to confirm the identity of the user (Whitman & Mattord, 2011). Authentication methods include specifying which and how many authentication factors are used, what values are allowable, and which associated access control procedures are used to control the actions taken by authenticated users (Sandhu & Samarati, 1996). The difference in how users react to specified authentication methods with manifested authentication practices may enable attacks on the system (Furnell, 2007). Attacks against Web-based ISs have been showcased in media reports as widespread and growing (Acohido, 2009; Ramim & Levy, 2006). Moreover, Acohido (2009) noted that the “the vast majority of organizations routinely fail to take simple defensive measures, such as shoring up common Website weaknesses or uniformly enforcing the use of strong passwords” (p. B1). Unfortunately, it is widely known that authentication methods that rely solely on passwords are easily compromised (Furnell & Zekri, 2006). Such compromises may allow misuse of the ISs when they are protected by methods built on specifications of insufficient authentication methods (D’Arcy & Hovav, 2007). The potential for misuse exists when insiders or outsiders exploit insufficient authentication methods or practices to gain unauthorized access to perform unauthorized actions (Furnell & Zekri, 2006).

Complete Article List

Search this Journal:

Reset

Volume 16: 1 Issue (2024)

Volume 15: 1 Issue (2023)

Volume 14: 1 Issue (2022)

Volume 13: 4 Issues (2021)

Volume 12: 4 Issues (2020)

Volume 11: 4 Issues (2019)

Volume 10: 4 Issues (2018)

Volume 9: 4 Issues (2017)

Volume 8: 4 Issues (2016)

Volume 7: 4 Issues (2015)

Volume 6: 4 Issues (2014)

Volume 5: 4 Issues (2013)

Volume 4: 4 Issues (2012)

Volume 3: 4 Issues (2011)

Volume 2: 4 Issues (2010)

Volume 1: 4 Issues (2009)

View Complete Journal Contents Listing

MLA

APA

Chicago

Export Reference

An Expert Panel Approach on Developing a Unified System Authentication Benchmarking Index

Abstract

Theorethical Background

Complete Article List