Secure Authentication-Management human-centric Scheme for trusting personal resource information on mobile cloud computing with blockchain

Kim, Hyun-Woo; Jeong, Young-Sik

doi:10.1186/s13673-018-0136-7

Table 1 Authentication methods and their advantages and disadvantages

From: Secure Authentication-Management human-centric Scheme for trusting personal resource information on mobile cloud computing with blockchain

Authentication method		Advantages	Disadvantages
Knowledge-based authentication [22]	Static knowledge-based authentication	No need for hardware Low implementation cost High user convenience	Less secure than the other authentication methods Vulnerable to various attacks, such as shoulder surfing attacks and smudge attacks
Knowledge-based authentication [22]	Dynamic knowledge-based authentication	Better security than the static knowledge-based authentication Questions and answers based on the user’s personal information; no need to set password	Users must memorize their own records because they will not know the questions in advance Malicious users can access via the exposed personal information of other users
Possession-based authentication [23]	Hardware type	Better security than the knowledge-based authentication method	Users must possess separate hardware, such as a One Time Password (OTP) terminal If the terminal is lost, it can lead to security threats
Possession-based authentication [23]	Software type	Better security than the knowledge-based authentication method Higher portability and convenience compared to the hardware type of possession-based authentication	High risk of leakage because it is stored in a logical storage medium
Inherence-based authentication [22] (Biometric-based authentication)	Based on the user’s physical characteristics	Authentication based on various parts of the user’s body, such as face recognition, iris recognition, fingerprint recognition, vein recognition, and heart rate and ECG recognition High security High convenience	Difficult to implement and manage High cost Data loss due to physical recognition error
	Based on the user’s physical behaviors	Authentication based on the recognition of the user’s behaviors, including voice, typing rhythm, signature pattern, signature pressure, and user motion High security High convenience	Difficult to implement and manage High cost Vulnerable to a recorded voice Difficult to set the recognition tolerance range
Multi-factor authentication [22]		Higher security compared to single-factor authentication Reduced masquerade threat	Vulnerable to man-in-the-middle attacks Difficult to implement and manage High cost

Back to article page