Securing Remote Access to Information Systems of Critical Infrastructure Using Two-Factor Authentication
Information systems of critical infrastructure provide services on which the core functions of a state and its economy depend as well as welfare of society. Such systems are becoming an increasingly common target for crimes and attacks in cyberspace, as their vulnerabilities can be exploited for mal...
Main Authors: | , |
---|---|
Format: | Article |
Language: | English |
Published: |
MDPI AG
2021-07-01
|
Series: | Electronics |
Subjects: | |
Online Access: | https://www.mdpi.com/2079-9292/10/15/1819 |
id |
doaj-63b0739eebac4183a7a511851f21fb26 |
---|---|
record_format |
Article |
spelling |
doaj-63b0739eebac4183a7a511851f21fb262021-08-06T15:21:14ZengMDPI AGElectronics2079-92922021-07-01101819181910.3390/electronics10151819Securing Remote Access to Information Systems of Critical Infrastructure Using Two-Factor AuthenticationRasa Bruzgiene0Konstantinas Jurgilas1Department of Computer Sciences, Kaunas University of Technology, Studentu Str. 50-211, 51368 Kaunas, LithuaniaDepartment of Computer Sciences, Kaunas University of Technology, Studentu Str. 50-211, 51368 Kaunas, LithuaniaInformation systems of critical infrastructure provide services on which the core functions of a state and its economy depend as well as welfare of society. Such systems are becoming an increasingly common target for crimes and attacks in cyberspace, as their vulnerabilities can be exploited for malicious activities seeking financial or political gain. One of the main reasons that threatens the security of these systems is the weak control of remote access, otherwise defined as management of a system’s user identity. Management of user identity depends on user authentication, authorization and the assignment of certain rights in the digital space. This paper provides the proposed two-factor (2FA) digital authentication method for remote access to an information system of a critical infrastructure. Results of testing the method’s usability and resilience to cyber threats have shown that the system, in which the method was implemented, is protected from dangerous HTTP requests and publicly available system’s endpoints are protected from threatening inputs that could cause malicious activities on the critical infrastructure. Additionally, the implementation of the authentication API application ensures the rapidity of the method for less than 500 ms for 100 users working in parallel with the system at the same time.https://www.mdpi.com/2079-9292/10/15/18192FA authenticationcritical infrastructurepenetration testingvulnerabilitycyber-attack |
collection |
DOAJ |
language |
English |
format |
Article |
sources |
DOAJ |
author |
Rasa Bruzgiene Konstantinas Jurgilas |
spellingShingle |
Rasa Bruzgiene Konstantinas Jurgilas Securing Remote Access to Information Systems of Critical Infrastructure Using Two-Factor Authentication Electronics 2FA authentication critical infrastructure penetration testing vulnerability cyber-attack |
author_facet |
Rasa Bruzgiene Konstantinas Jurgilas |
author_sort |
Rasa Bruzgiene |
title |
Securing Remote Access to Information Systems of Critical Infrastructure Using Two-Factor Authentication |
title_short |
Securing Remote Access to Information Systems of Critical Infrastructure Using Two-Factor Authentication |
title_full |
Securing Remote Access to Information Systems of Critical Infrastructure Using Two-Factor Authentication |
title_fullStr |
Securing Remote Access to Information Systems of Critical Infrastructure Using Two-Factor Authentication |
title_full_unstemmed |
Securing Remote Access to Information Systems of Critical Infrastructure Using Two-Factor Authentication |
title_sort |
securing remote access to information systems of critical infrastructure using two-factor authentication |
publisher |
MDPI AG |
series |
Electronics |
issn |
2079-9292 |
publishDate |
2021-07-01 |
description |
Information systems of critical infrastructure provide services on which the core functions of a state and its economy depend as well as welfare of society. Such systems are becoming an increasingly common target for crimes and attacks in cyberspace, as their vulnerabilities can be exploited for malicious activities seeking financial or political gain. One of the main reasons that threatens the security of these systems is the weak control of remote access, otherwise defined as management of a system’s user identity. Management of user identity depends on user authentication, authorization and the assignment of certain rights in the digital space. This paper provides the proposed two-factor (2FA) digital authentication method for remote access to an information system of a critical infrastructure. Results of testing the method’s usability and resilience to cyber threats have shown that the system, in which the method was implemented, is protected from dangerous HTTP requests and publicly available system’s endpoints are protected from threatening inputs that could cause malicious activities on the critical infrastructure. Additionally, the implementation of the authentication API application ensures the rapidity of the method for less than 500 ms for 100 users working in parallel with the system at the same time. |
topic |
2FA authentication critical infrastructure penetration testing vulnerability cyber-attack |
url |
https://www.mdpi.com/2079-9292/10/15/1819 |
work_keys_str_mv |
AT rasabruzgiene securingremoteaccesstoinformationsystemsofcriticalinfrastructureusingtwofactorauthentication AT konstantinasjurgilas securingremoteaccesstoinformationsystemsofcriticalinfrastructureusingtwofactorauthentication |
_version_ |
1721218704626155520 |