Securing Remote Access to Information Systems of Critical Infrastructure Using Two-Factor Authentication

Securing Remote Access to Information Systems of Critical Infrastructure Using Two-Factor Authentication

Information systems of critical infrastructure provide services on which the core functions of a state and its economy depend as well as welfare of society. Such systems are becoming an increasingly common target for crimes and attacks in cyberspace, as their vulnerabilities can be exploited for mal...

Full description

Bibliographic Details
Main Authors: Rasa Bruzgiene, Konstantinas Jurgilas
Format: Article
Language:English
Published: MDPI AG 2021-07-01
Series:Electronics
Subjects:
2FA authentication
critical infrastructure
penetration testing
vulnerability
cyber-attack
Online Access:https://www.mdpi.com/2079-9292/10/15/1819
id doaj-63b0739eebac4183a7a511851f21fb26
record_format Article
spelling doaj-63b0739eebac4183a7a511851f21fb262021-08-06T15:21:14ZengMDPI AGElectronics2079-92922021-07-01101819181910.3390/electronics10151819Securing Remote Access to Information Systems of Critical Infrastructure Using Two-Factor AuthenticationRasa Bruzgiene0Konstantinas Jurgilas1Department of Computer Sciences, Kaunas University of Technology, Studentu Str. 50-211, 51368 Kaunas, LithuaniaDepartment of Computer Sciences, Kaunas University of Technology, Studentu Str. 50-211, 51368 Kaunas, LithuaniaInformation systems of critical infrastructure provide services on which the core functions of a state and its economy depend as well as welfare of society. Such systems are becoming an increasingly common target for crimes and attacks in cyberspace, as their vulnerabilities can be exploited for malicious activities seeking financial or political gain. One of the main reasons that threatens the security of these systems is the weak control of remote access, otherwise defined as management of a system’s user identity. Management of user identity depends on user authentication, authorization and the assignment of certain rights in the digital space. This paper provides the proposed two-factor (2FA) digital authentication method for remote access to an information system of a critical infrastructure. Results of testing the method’s usability and resilience to cyber threats have shown that the system, in which the method was implemented, is protected from dangerous HTTP requests and publicly available system’s endpoints are protected from threatening inputs that could cause malicious activities on the critical infrastructure. Additionally, the implementation of the authentication API application ensures the rapidity of the method for less than 500 ms for 100 users working in parallel with the system at the same time.https://www.mdpi.com/2079-9292/10/15/18192FA authenticationcritical infrastructurepenetration testingvulnerabilitycyber-attack
collection DOAJ
language English
format Article
sources DOAJ
author Rasa Bruzgiene
Konstantinas Jurgilas
spellingShingle Rasa Bruzgiene
Konstantinas Jurgilas
Securing Remote Access to Information Systems of Critical Infrastructure Using Two-Factor Authentication
Electronics
2FA authentication
critical infrastructure
penetration testing
vulnerability
cyber-attack
author_facet Rasa Bruzgiene
Konstantinas Jurgilas
author_sort Rasa Bruzgiene
title Securing Remote Access to Information Systems of Critical Infrastructure Using Two-Factor Authentication
title_short Securing Remote Access to Information Systems of Critical Infrastructure Using Two-Factor Authentication
title_full Securing Remote Access to Information Systems of Critical Infrastructure Using Two-Factor Authentication
title_fullStr Securing Remote Access to Information Systems of Critical Infrastructure Using Two-Factor Authentication
title_full_unstemmed Securing Remote Access to Information Systems of Critical Infrastructure Using Two-Factor Authentication
title_sort securing remote access to information systems of critical infrastructure using two-factor authentication
publisher MDPI AG
series Electronics
issn 2079-9292
publishDate 2021-07-01
description Information systems of critical infrastructure provide services on which the core functions of a state and its economy depend as well as welfare of society. Such systems are becoming an increasingly common target for crimes and attacks in cyberspace, as their vulnerabilities can be exploited for malicious activities seeking financial or political gain. One of the main reasons that threatens the security of these systems is the weak control of remote access, otherwise defined as management of a system’s user identity. Management of user identity depends on user authentication, authorization and the assignment of certain rights in the digital space. This paper provides the proposed two-factor (2FA) digital authentication method for remote access to an information system of a critical infrastructure. Results of testing the method’s usability and resilience to cyber threats have shown that the system, in which the method was implemented, is protected from dangerous HTTP requests and publicly available system’s endpoints are protected from threatening inputs that could cause malicious activities on the critical infrastructure. Additionally, the implementation of the authentication API application ensures the rapidity of the method for less than 500 ms for 100 users working in parallel with the system at the same time.
topic 2FA authentication
critical infrastructure
penetration testing
vulnerability
cyber-attack
url https://www.mdpi.com/2079-9292/10/15/1819
work_keys_str_mv AT rasabruzgiene securingremoteaccesstoinformationsystemsofcriticalinfrastructureusingtwofactorauthentication
AT konstantinasjurgilas securingremoteaccesstoinformationsystemsofcriticalinfrastructureusingtwofactorauthentication
_version_ 1721218704626155520

Similar Items