Безопасность информационных технологий (Dec 2020)
Analysis vulnerabilities of user authentication process using Active Directory
Abstract
The paper presents the results of the analysis and synthesis of scientific and technical literature, regulations, standards in the field of information security of information systems (IS), using third-party user authentication services. The context of the considered IS is introduced. Vulnerabilities in user authentication using the Active Directory service are described. Based on the functional features of the client application included in the IS, a conceptual model of threats to the information security of the IS is built. This model is used to identify and investigate possible attacks on the user authentication process. As a result of identifying critical points of system security, the main requirements are formed, the observance of which will improve the state of security of systems, namely: the need to ensure the authenticity and integrity of computers participating in the process of authenticating users in the application, the need to ensure the confidentiality of transmitted and stored user authenticating data. The results of this work make it possible to secure the authentication process using Active Directory technology, as well as to carry out further research in the field of user authentication in distributed systems. The analysis performed allows us to conclude that the proposed authentication method is safe if the identified requirements are met.
Keywords
