Security in Authentication Systems: Vulnerability Analysis and Mitigation Strategies
Importance and best practices for securing online authentication
Abstract
Currently the importance of authentication systems as an important process to ensure security and privacy in the digital world and protect the integrity of information on a network. In the text we mention some of the types of authentication systems: Single-Factor Authentication (SFA) and Two-Factor Authentication (2FA) in addition to biometric authentication. It is discussed and as such, provide a secure way to authenticate users. By verifying the identity of the issuer and ensuring the integrity of the information transmitted, digital certificates are a vital tool to ensure online security Authentication systems and digital certificates are critical to protecting sensitive information online. As cyberattacks become more frequent and sophisticated, it is crucial to have reliable and robust authentication systems to ensure the security and privacy of users. Therefore, the use of authentication systems and digital certificates should be a priority for any organization or individual looking to protect themselves against cyber threats.
Downloads
References
BBVA. Te ayudamos a descubrir qué es un 'token' y para qué sirve [Internet]. BBVA; 2023 Feb 10 [citado 2023 Feb 17]. Disponible en: https://www.bbva.com/es/que-es-un-token-y-para-que-sirve/
IBM. Conceptos de seguridad: Identificación y autenticación [Internet]. IBM; s.f. [citado 2023 Feb 17]. Disponible en: https://www.ibm.com/docs/es/ibm-mq/7.5?topic=ssfksj-7-5-0-com-ibm-mq-sec-doc-q009740--htm
Nidecki TA. Authentication and Access Control in Web Applications [Internet]. Toptal; s.f. [citado 2023 Feb 17]. Disponible en: https://www.toptal.com/security/authentication-and-access-control-in-web-applications
Podgorny A. Authentication, Authorization, and Accounting (AAA) in Computer Networks [Internet]. Cisco; s.f. [citado 2023 Feb 17]. Disponible en: https://www.cisco.com/c/en/us/support/docs/security/authentication-authorization-accounting-aaa/13851-10.html
Patil S. Secure User Authentication in Web Applications [Internet]. Imperva; s.f. [citado 2023 Feb 17]. Disponible en: https://www.imperva.com/learn/application-security/user-authentication/
Parecki A. OAuth 2.0 [Internet]. OAuth; s.f. [citado 2023 Feb 17]. Disponible en: https://oauth.net/2/
OASIS. SAML: Security Assertion Markup Language [Internet]. OASIS; s.f. [citado 2023 Feb 17]. Disponible en: https://www.oasis-open.org/standards#samlv2.0
The Password Hashing Competition. Password Hashing Competition [Internet]. The Password Hashing Competition; s.f. [citado 2023 Feb 17]. Disponible en: https://password-hashing.net/
National Cyber Security Centre (NCSC). Multi-Factor Authentication (MFA) [Internet]. NCSC; s.f. [citado 2023 Feb 17]. Disponible en: https://www.ncsc.gov.uk/collection/multi-factor-authentication
Kukic A. Authentication and Authorization with JWT [Internet]. Auth0; s.f. [citado 2023 Feb 17]. Disponible en: https://auth0.com/blog/authentication-and-authorization-with-jwts-explained/
Banafa A. The Evolution of Authentication and its Importance in Cybersecurity [Internet]. Analytics Insight; s.f. [citado 2023 Feb 17]. Disponible en: https://www.analyticsinsight.net/the-evolution-of-authentication-and-its-importance-in-cybersecurity/
Kuppinger M. Continuous Authentication: ¿Why and How? [Internet]. KuppingerCole; s.f. [citado 2023 Feb 17]. Disponible en: https://www.kuppingercole.com/report/continuousauthentication
Dropbox. ¿Qué es la autenticación de dos factores? [Internet]. Dropbox; s.f. [citado 2023 Feb 17]. Disponible en: https://experience.dropbox.com/es-la/resources/what-is-2fa
SciELO - Scientific Electronic Library Online [Internet]. [place unknown]: SciELO; [date unknown] [cited 2023 Mar 4]. Available from: https://www.scielo.org/.
Microsoft. ¿Qué es el phishing? [Internet]. [citado el 4 de marzo de 2023]. Disponible en: https://www.microsoft.com/es-mx/security/business/security-101/what-is-phishing
Copyright (c) 2023 Isai Valeri Marmolejo Corona, Gerardo Andres Serrano Manzano, Fernando Angel Bautista Aguilar, Yahir Fernando Santiago Gonzalez
![Creative Commons License](http://i.creativecommons.org/l/by-nc-nd/4.0/88x31.png)
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.