Authentication Levels
White Paper
April 23, 2014
Summary
This document describes levels of authentication that can be utilized for users known and unknown to gain access to applications and solutions.
Summary
Authentication Levels Description
Multi-step Authentication Options
Authentication Levels Description
From least secure to most, the levels of authentication can be described as:
1. Single factor authentication
a) Requires the use of one “factor”, usually something the user knows
b) Examples
• Password
• PIN
2. Multi-step authentication
a) Requires a multi-step authentication process. The difference between “multi-step” and “multi-factor” is that multi-factor schemes require all factors simultaneously, whereas multi-step schemes have steps which must be executed successfully in consecutive order. A multi-step authentication scheme which requires two physical keys, or two passwords, or two forms of biometric identification is not two-factor.
b) Examples
• Gmail: After providing the password you've memorized, you're required to also provide the one-time password displayed on your phone. While the phone may appear to be "something you have", from a security perspective it's still "something you know". This is because the key to the authentication isn't the device itself, but rather information stored on the device that could in theory be copied by an attacker. So, by copying both your memorized password and the OTP configuration, an attacker could successfully impersonate you.
• Box: if you log in to Box from a new device or computer, Box will text or email you a verification code which then needs to be entered to access Box from that new device.
3. Two-factor authentication
a) Requires the use of two factors from the list of:
• Something you have (token, key, etc.)
• Something you know (password, PIN)
• Something you are (fingerprint, retina scan, etc.)
b) Two-factor is a subset of two-step, but not vice versa
c) Examples
• PKI systems that use a password (something you know) to unlock a keystore (something you have) containing a public key/private key pair.
4. Multi-factor authentication
a) Requires the use of three or more factors from the list of:
• Something you have (token, key, etc.)
• Something you know (password, PIN)
• Something you are (fingerprint, retina scan, etc.)
b) Examples
• Key card entry systems that require a fingerprint or retina scan. Slide in your card (something you have), enter the PIN code
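The Gmail case above is a two-step flow: a memorized password checked first, then a time-based one-time password checked only if step one passed. The following is an added example written for this white paper's discussion and is not Media Sourcery's code. It implements the two steps with the standard library only (PBKDF2 for the password, RFC 4226/6238 HOTP/TOTP for the code) and adds the check the document's own caveat motivates: because the OTP seed is information that can be copied, a code is accepted for one counter window only once, so a captured code cannot be replayed. The usernames, password and the RFC 6238 test seed are constructed sample values.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

# RFC 6238 test-vector seed, used only so the example is reproducible (constructed sample input)
SAMPLE_OTP_SECRET = b"12345678901234567890"
TIME_STEP = 30  # seconds per TOTP window


@dataclass
class UserRecord:
    username: str
    salt: bytes
    password_hash: bytes
    otp_secret: bytes          # server-side copy of the seed the phone app also holds
    last_otp_counter: int = -1  # highest TOTP counter already accepted (replay guard)


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 200_000)


def create_user(username: str, password: str, otp_secret: bytes) -> UserRecord:
    salt = os.urandom(16)
    return UserRecord(username, salt, hash_password(password, salt), otp_secret)


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HOTP (RFC 4226): HMAC-SHA1 over the big-endian counter, dynamically truncated."""
    digest = hmac.new(secret, counter.to_bytes(8, "big"), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    code = int.from_bytes(digest[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret: bytes, at_time: int, step: int = TIME_STEP) -> str:
    """TOTP (RFC 6238): HOTP with the counter derived from Unix time."""
    return hotp(secret, at_time // step)


def verify_password(user: UserRecord, password: str) -> bool:
    # constant-time comparison so the check does not leak how many bytes matched
    return hmac.compare_digest(user.password_hash, hash_password(password, user.salt))


def verify_otp(user: UserRecord, code: str, now: int, skew: int = 1) -> bool:
    """Accept the code for the current window or one window either side (clock drift),
    but never for a counter at or below the last one used: a captured code that is
    replayed inside its window is rejected."""
    base = now // TIME_STEP
    for counter in range(base - skew, base + skew + 1):
        if counter <= user.last_otp_counter:
            continue
        if hmac.compare_digest(hotp(user.otp_secret, counter), code):
            user.last_otp_counter = counter
            return True
    return False


def login(users: dict, username: str, password: str, otp_code: str, now: int) -> str:
    """Step 1 is the memorized password; step 2 (the OTP) runs only after step 1 succeeds.
    Returns 'ok' or the reason for denial."""
    user = users.get(username)
    if user is None or not verify_password(user, password):
        return "denied:password"
    if not verify_otp(user, otp_code, now):
        return "denied:otp"
    return "ok"


if __name__ == "__main__":
    users = {"alice": create_user("alice", "correct horse battery staple", SAMPLE_OTP_SECRET)}
    code = totp(SAMPLE_OTP_SECRET, 59)  # what the phone app would display at t=59
    print(login(users, "alice", "correct horse battery staple", code, 59))
```

With the RFC 6238 seed, totp(..., 59) is "287082" and totp(..., 1111111109) is "081804", which matches the published test vectors; a second login with the same code in the same window is refused by the replay guard.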
Multi-step Authentication Options
There are several options for multi-step authentication, with varying levels of ease of use and security. Some examples:
Email to known email address and Text to known Cell Phone
Description: after an attempt to register or authenticate, a verification link (email) or code (cell phone) is sent to known contact information for the user.
Pros: well-understood (in common usage by many consumer systems)
Cons: highly dependent on validity of user record (i.e., cell phone and email address must be accurate and proven); assumes only the user is using their email address or cell phone.
Known user registers unknown user
Description: a known user (e.g., an employee) uses their relationship with an unknown user (i.e., the known user vouches for the identity of the unknown user) and registers the unknown user.
Pros: controlled registration environment (ease of implementation)
Cons: requires physical presence of the known user with the unknown user; puts trust of identification with current known user (i.e. requires audit).
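To make the first option concrete, here is an added example (not Media Sourcery's code) of a service that issues a verification code to a user's known contact address and checks it once. It encodes the stated con directly: a code is only sent to a contact record that has already been proven to belong to the user, and the code is short-lived, single-use and voided after a handful of wrong guesses. The `Contact`, `PendingCode` and `VerificationService` names, the 10-minute lifetime, the 5-attempt limit and the sample addresses are all assumptions made for the example; the `outbox` list stands in for an SMS or e-mail gateway.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass

CODE_TTL = 600     # seconds a code stays valid (assumed policy value)
MAX_ATTEMPTS = 5   # wrong guesses allowed before the code is voided (assumed)


@dataclass
class Contact:
    address: str    # e-mail address or cell phone number from the user record
    verified: bool  # has this address already been proven to belong to the user?


@dataclass
class PendingCode:
    code_hash: bytes  # only a hash is stored; the clear code goes to the user
    expires_at: int
    attempts: int = 0


class VerificationService:
    """Issues one-time codes to a user's known contact and checks each one once."""

    def __init__(self, contacts: dict):
        self.contacts = contacts                  # username -> Contact
        self.pending: dict = {}                   # username -> PendingCode
        self.outbox: list = []                    # (address, code) messages "sent"

    def issue(self, username: str, now: int) -> bool:
        contact = self.contacts.get(username)
        if contact is None or not contact.verified:
            return False  # the scheme is only as strong as the contact record
        code = f"{secrets.randbelow(10 ** 6):06d}"
        self.pending[username] = PendingCode(
            hashlib.sha256(code.encode()).digest(), now + CODE_TTL)
        self.outbox.append((contact.address, code))  # stand-in for the SMS/e-mail gateway
        return True

    def verify(self, username: str, code: str, now: int) -> bool:
        entry = self.pending.get(username)
        if entry is None:
            return False
        if now > entry.expires_at:
            del self.pending[username]  # expired codes are discarded, not retried
            return False
        entry.attempts += 1
        ok = hmac.compare_digest(entry.code_hash, hashlib.sha256(code.encode()).digest())
        if ok or entry.attempts >= MAX_ATTEMPTS:
            del self.pending[username]  # single use; also voided after too many guesses
        return ok


# constructed sample contact records
SAMPLE_CONTACTS = {
    "alice": Contact("+1-555-0100", verified=True),
    "bob": Contact("bob@example.invalid", verified=False),
}
```

The verified flag is what carries the "must be accurate and proven" requirement: an address that was typed in at registration but never confirmed gets no code at all.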
Layers of Security
Authentication is just one layer of security. A common methodology for classifying the different layers of security is presented below.
Authentication
Authentication identifies the user. As seen in the previous sections, different methods can provide varying levels of certainty in identifying the user. Within Enterprises, authentication can and should be tied to existing user repositories, such as Active Directory.
Authorization
Authorization provides an authenticated user with permission to access certain resources. For example, certain users may be allowed by an Enterprise to access certain patients’ data. Authorization is typically managed through a mapping table that the Enterprise keeps, and may be organizational (i.e., managers are allowed to see what their team members see).
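As an added illustration of the mapping-table approach (this is example code, not Media Sourcery's implementation), the class below keeps a user-to-patient grant table plus a manager-to-reports org chart and answers access questions by walking the org chart, so a manager inherits whatever the people below them are permitted to see. The `PatientAccessPolicy` and `decide` names, and the sample users and patient ids, are constructed for the example.

```python
from collections import deque


class PatientAccessPolicy:
    """Mapping table (user -> patient ids) plus an org chart (manager -> direct reports).
    A manager may see whatever their team members, transitively, may see."""

    def __init__(self, grants: dict, reports: dict):
        self.grants = grants    # username -> set of patient ids granted directly
        self.reports = reports  # manager -> set of direct reports

    def team(self, user: str) -> set:
        """The user plus everyone below them in the org chart (breadth-first walk;
        a cyclic chart cannot loop forever because visited users are skipped)."""
        seen = {user}
        queue = deque([user])
        while queue:
            for report in self.reports.get(queue.popleft(), ()):
                if report not in seen:
                    seen.add(report)
                    queue.append(report)
        return seen

    def allowed_patients(self, user: str) -> set:
        patients = set()
        for member in self.team(user):
            patients |= self.grants.get(member, set())
        return patients

    def can_access(self, user: str, patient_id: str) -> bool:
        return patient_id in self.allowed_patients(user)


def decide(policy: PatientAccessPolicy, authenticated_user, patient_id: str) -> str:
    """Authorization is only meaningful for an authenticated user; None means
    authentication did not succeed and the request is refused before any lookup."""
    if authenticated_user is None:
        return "deny:unauthenticated"
    if policy.can_access(authenticated_user, patient_id):
        return "allow"
    return "deny:not-authorized"


# constructed sample data: two nurses under a charge nurse, a doctor, and a director above both
SAMPLE_GRANTS = {"nurse_n1": {"P-100", "P-101"}, "nurse_n2": {"P-200"}, "dr_d1": {"P-300"}}
SAMPLE_REPORTS = {"charge_c1": {"nurse_n1", "nurse_n2"}, "director": {"charge_c1", "dr_d1"}}
```

Because the grant table and the org chart are separate inputs, each can come from its own source of truth, for instance the mapping table the Enterprise maintains and the reporting structure already present in a directory such as Active Directory.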
Encryption of Data at Rest
Data stored on a PC, tablet, smart phone or other device can be encrypted depending on the type of data and the Enterprise’s policies. Encryption of the data in Media Sourcery solutions depends on user type (known/authenticated or unknown/anonymous). For known users:
• Data can be encrypted with the receiver’s public key after the user clicks “send”
• The record store on the device is private
• The data is queued (in its encrypted state) if no data connection is found
• The data is removed from the queue after assured delivery
For unknown users, the main difference in the encryption process is that data is encrypted with the server’s or organization’s public key after the user clicks “send”.
Encryption of Data in Motion
Data being transported can be encrypted at the transport level (SSL or secure VPN) and/or as an encrypted data parcel, using a two-factor PKI (Public Key Infrastructure) solution.
Electronic Signatures
An electronic signature, or eSignature, is an electronic indication of intent to agree to, adopt or approve the contents of a document. These can be digital images of a signature, captured after signing with a finger, stylus or other instrument. The U.S. Federal ESIGN Act defines an electronic signature as an “electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record.”
Digital Signatures
Digital Signatures use a mathematical process, usually based on public key infrastructure (PKI), to ensure the authenticity of a digital message, digital document or other digital information. A digital signature is one form of electronic signature. Digital signatures establish the authenticity of the signer and allow a recipient to trust that a signature is valid, through the use of authentication, non-repudiation and usually a public and private key pair.
Non-Repudiation
Non-repudiation ensures that the sender of a certain piece of digital data cannot successfully dispute that they sent that data. Media Sourcery’s patented non-repudiation implements this utilizing several methods to ensure identity, integrity of the data, and an audit trail.
Tracking and audit trail
All events in the data’s security life cycle are tracked and logged. Easy to read audit trail reports can be produced from this data, or the log files can be integrated into an existing log file processing and reporting system.
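The paragraph above asks two things of an audit trail: that every life-cycle event be recorded, and that the record be both readable and reusable by other log tooling. The following added example (written for this page; it is not Media Sourcery's patented mechanism) shows one common way to give such a trail the integrity property the non-repudiation section relies on: each event carries the hash of the previous one, so editing or deleting an event breaks the chain at a detectable position. Events are exported as JSON lines for downstream log processors. The event fields, the action names and the sample events are constructed for the example.

```python
import hashlib
import json
from dataclasses import dataclass, asdict


@dataclass(frozen=True)
class AuditEvent:
    seq: int
    timestamp: int   # Unix seconds
    actor: str       # authenticated user or system component
    action: str      # e.g. "authenticated", "encrypted", "sent", "delivered" (assumed names)
    object_id: str   # the data item whose security life cycle is being tracked
    prev_hash: str   # hex digest of the previous event; all zeros for the first
    hash: str        # hex digest over this event's fields including prev_hash


def _digest(seq, timestamp, actor, action, object_id, prev_hash) -> str:
    # canonical encoding so the same fields always hash the same way
    payload = json.dumps([seq, timestamp, actor, action, object_id, prev_hash],
                         separators=(",", ":"))
    return hashlib.sha256(payload.encode()).hexdigest()


class AuditTrail:
    GENESIS = "0" * 64

    def __init__(self):
        self.events = []

    def record(self, timestamp: int, actor: str, action: str, object_id: str) -> AuditEvent:
        seq = len(self.events)
        prev = self.events[-1].hash if self.events else self.GENESIS
        ev = AuditEvent(seq, timestamp, actor, action, object_id, prev,
                        _digest(seq, timestamp, actor, action, object_id, prev))
        self.events.append(ev)
        return ev

    def verify(self) -> tuple:
        """Recompute every hash and link. Returns (ok, index of first bad event or -1);
        a modified, removed or reordered event is reported at the point the chain breaks."""
        prev = self.GENESIS
        for i, ev in enumerate(self.events):
            expected = _digest(ev.seq, ev.timestamp, ev.actor, ev.action, ev.object_id, prev)
            if ev.seq != i or ev.prev_hash != prev or ev.hash != expected:
                return False, i
            prev = ev.hash
        return True, -1

    def report(self, object_id: str) -> list:
        """Easy-to-read life-cycle lines for one data item."""
        return [f"{ev.timestamp} {ev.actor} {ev.action} {ev.object_id}"
                for ev in self.events if ev.object_id == object_id]

    def to_jsonl(self) -> str:
        """One JSON object per line, the shape most log processors ingest directly."""
        return "\n".join(json.dumps(asdict(ev)) for ev in self.events)


def sample_trail() -> AuditTrail:
    """Constructed sample: one message moving from sender to receiver."""
    t = AuditTrail()
    t.record(1000, "alice", "authenticated", "-")
    t.record(1001, "alice", "encrypted", "msg-1")
    t.record(1002, "alice", "sent", "msg-1")
    t.record(1010, "bob", "delivered", "msg-1")
    return t
```

The chain only proves that the log has not been altered since it was written; protecting the head hash (for example by periodically signing it or shipping it to a separate system) is what stops someone who controls the log store from simply rewriting the whole chain.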
Media Sourcery Solutions
The following table shows how the previously described levels of authentication and security apply to Media Sourcery’s current solutions.
Secure Workflow
Authentication: Single factor
Authorization: Enterprise custom
Encryption at Rest: iPad – iOS secure storage; browser – data not persisted
Encryption in Motion: SSL
Digital Signatures: N/A
Secure Data Messenger
Authentication: Two-factor
Authorization: Group mapping
Encryption at Rest: Known and unknown user model; device uses PKI to encrypt for the receiver before send
Encryption in Motion: SSL; parcel is encrypted as it transits, decrypted on receipt
Digital Signatures: Two-factor
Secure Forms Messenger
Authentication: Single or two factor
Authorization: N/A
Encryption at Rest: Known and unknown user model
Encryption in Motion: SSL
Digital Signatures: Two-factor with eSig
Secure Text Messenger
Authentication: Single or two factor
Authorization: Group mapping
Encryption at Rest: Device: current – device protection, future – PKI; browser: data not persisted
Encryption in Motion: SSL
Digital Signatures: Two-factor
Secure Replicator
Authentication: Two factor
Authorization: Enterprise custom
Encryption at Rest: Known and unknown (plug-in dependent)
Encryption in Motion: SSL; parcel is encrypted as it transits, decrypted on receipt
Digital Signatures: Two factor
For More Information
Contact us at: Media Sourcery, Inc.
http://www.mediasourcery.com
[email protected]