Seguridad en Sistemas de Autenticación: Análisis de Vulnerabilidades y Estrategias de Mitigación:

Isai Valeri Marmolejo Corona; Gerardo Andres Serrano Manzano; Fernando Angel Bautista Aguilar; ya Santiago Gonzalez

doi:10.29057/xikua.v11i22.10802

Isai Valeri Marmolejo Corona Universidad Autónoma del Estado de Hidalgo
Gerardo Manzano Universidad Autónoma del Estado de Hidalgo https://orcid.org/0000-0001-7261-7243
Fernando Angel Bautista Aguilar Universidad Autónoma del Estado de Hidalgo https://orcid.org/0000-0002-9158-2004
Fernando Santiago Escuela Superior de Tlahuelilpan. Universidad Autónoma del Estado de Hidalgo https://orcid.org/0000-0003-4797-6134

DOI: https://doi.org/10.29057/xikua.v11i22.10802

Keywords: Authentication, computer security, systems, users, data, data protection, Single-Factor Authentication, Two-Factor Authentication

Abstract

Currently the importance of authentication systems as an important process to ensure security and privacy in the digital world and protect the integrity of information on a network. In the text we mention some of the types of authentication systems: Single-Factor Authentication (SFA) and Two-Factor Authentication (2FA) in addition to biometric authentication. It is discussed and as such, provide a secure way to authenticate users. By verifying the identity of the issuer and ensuring the integrity of the information transmitted, digital certificates are a vital tool to ensure online security Authentication systems and digital certificates are critical to protecting sensitive information online. As cyberattacks become more frequent and sophisticated, it is crucial to have reliable and robust authentication systems to ensure the security and privacy of users. Therefore, the use of authentication systems and digital certificates should be a priority for any organization or individual looking to protect themselves against cyber threats.

Downloads

Download data is not yet available.

References

BBVA. Te ayudamos a descubrir qué es un 'token' y para qué sirve [Internet]. BBVA; 2023 Feb 10 [citado 2023 Feb 17]. Disponible en: https://www.bbva.com/es/que-es-un-token-y-para-que-sirve/

IBM. Conceptos de seguridad: Identificación y autenticación [Internet]. IBM; s.f. [citado 2023 Feb 17]. Disponible en: https://www.ibm.com/docs/es/ibm-mq/7.5?topic=ssfksj-7-5-0-com-ibm-mq-sec-doc-q009740--htm

Nidecki TA. Authentication and Access Control in Web Applications [Internet]. Toptal; s.f. [citado 2023 Feb 17]. Disponible en: https://www.toptal.com/security/authentication-and-access-control-in-web-applications

Podgorny A. Authentication, Authorization, and Accounting (AAA) in Computer Networks [Internet]. Cisco; s.f. [citado 2023 Feb 17]. Disponible en: https://www.cisco.com/c/en/us/support/docs/security/authentication-authorization-accounting-aaa/13851-10.html

Patil S. Secure User Authentication in Web Applications [Internet]. Imperva; s.f. [citado 2023 Feb 17]. Disponible en: https://www.imperva.com/learn/application-security/user-authentication/

Parecki A. OAuth 2.0 [Internet]. OAuth; s.f. [citado 2023 Feb 17]. Disponible en: https://oauth.net/2/

OASIS. SAML: Security Assertion Markup Language [Internet]. OASIS; s.f. [citado 2023 Feb 17]. Disponible en: https://www.oasis-open.org/standards#samlv2.0

The Password Hashing Competition. Password Hashing Competition [Internet]. The Password Hashing Competition; s.f. [citado 2023 Feb 17]. Disponible en: https://password-hashing.net/

National Cyber Security Centre (NCSC). Multi-Factor Authentication (MFA) [Internet]. NCSC; s.f. [citado 2023 Feb 17]. Disponible en: https://www.ncsc.gov.uk/collection/multi-factor-authentication

Kukic A. Authentication and Authorization with JWT [Internet]. Auth0; s.f. [citado 2023 Feb 17]. Disponible en: https://auth0.com/blog/authentication-and-authorization-with-jwts-explained/

Banafa A. The Evolution of Authentication and its Importance in Cybersecurity [Internet]. Analytics Insight; s.f. [citado 2023 Feb 17]. Disponible en: https://www.analyticsinsight.net/the-evolution-of-authentication-and-its-importance-in-cybersecurity/

Kuppinger M. Continuous Authentication: ¿Why and How? [Internet]. KuppingerCole; s.f. [citado 2023 Feb 17]. Disponible en: https://www.kuppingercole.com/report/continuousauthentication

Dropbox. ¿Qué es la autenticación de dos factores? [Internet]. Dropbox; s.f. [citado 2023 Feb 17]. Disponible en: https://experience.dropbox.com/es-la/resources/what-is-2fa

SciELO - Scientific Electronic Library Online [Internet]. [place unknown]: SciELO; [date unknown] [cited 2023 Mar 4]. Available from: https://www.scielo.org/.

Microsoft. ¿Qué es el phishing? [Internet]. [citado el 4 de marzo de 2023]. Disponible en: https://www.microsoft.com/es-mx/security/business/security-101/what-is-phishing