User Authentication Protocol Based on the Location Factor for a Mobile Environment

Maciej Bartlomiejczyk; Imed El Fray; Miroslaw Kurkowski; Sabina Szymoniak; Olga Siedlecka-Lamch

doi:10.1109/ACCESS.2022.3148537

IEEE Access (Jan 2022)

User Authentication Protocol Based on the Location Factor for a Mobile Environment

Maciej Bartlomiejczyk,
Imed El Fray,
Miroslaw Kurkowski,
Sabina Szymoniak,
Olga Siedlecka-Lamch

Affiliations

Maciej Bartlomiejczyk: ORCiD; West Pomeranian University of Technology, Szczecin, Poland
Imed El Fray: ORCiD; West Pomeranian University of Technology, Szczecin, Poland
Miroslaw Kurkowski: Institute of Computer Science, Cardinal Stefan Wyszynski University in Warsaw, Warsaw, Poland
Sabina Szymoniak: ORCiD; Department of Computer Science, Czestochowa University of Technology, Czestochowa, Poland
Olga Siedlecka-Lamch: ORCiD; Department of Computer Science, Czestochowa University of Technology, Czestochowa, Poland

DOI: https://doi.org/10.1109/ACCESS.2022.3148537
Journal volume & issue: Vol. 10
pp. 16439 – 16455

Abstract

Read online

The way the internet is used by billions of users around the world has been revolutionized by mobile devices. The capabilities of smartphones are constantly growing, and the number of services available for mobile devices is also increasing. This undeniable trend makes smartphones terminals for accessing services that process confidential data, which make smartphones priceless targets of cyberattacks. Along with an increasing number of mobile services, the methods of securing the confidentiality, integrity and availability of systems used have also evolved and adapted to the capabilities of a mobile environment. One of the important security services is the user authentication process. This process often implements the postulates of strong authentication, multistage authentication based on factors from the knowledge, position and inherence categories. Unfortunately, the implementation of the factors belonging to these categories is not always possible due to the limitations of smartphones, such as the lack of interfaces for the implementation of biometrics or environmental factors - problems with network or internet access in various countries and regions. Therefore, there is a need to analyse the possibility of implementing a strong authentication process based on additional information about users, e.g., based on location data. The article analyses the requirements for the authentication process and authentication factors. Based on the performed analysis, the criteria that each authentication factor must meet were defined. This article presents a proposal for a user authentication protocol based on the location factor for a mobile environment. The method can be used in the case of problems with the implementation of strong authentication or as an additional authentication factor that increases the security of the user identity confirmation process. The presented protocol has been analysed in terms of performance, security and compliance with the requirements related to the authentication factors.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords