Authentication As A Service (AAAS)

Abstract

User authentication is one of the most important parts of any electronic service. Most of the electronic services use in-house user authentication mechanisms which need lots of effort to make them secure and scalable. From the user s perspective, managing number of credentials for different electronic services is problematic and can lead to insecure practices like sharing a common password. Protocols like Kerberos, Radius and Single Sign On (SSO) methods are some of the existing attempts to implement central authentication mechanism for user authentication. Something user knows (passwords, PIN, etc.) and something the user has (smart cards, tokens, etc.) are the main authentication factors available for the said protocols. Something user is (finger print, iris, DNA, etc.) considered as the most fail-safe among the factors of authentication. In this research, a new protocol called Authentication-As-A-service (AAAS) has been developed to incorporate biometric verification with centralized user authentication. Security is the main concern for protocol design. Availability and cost are also important when it comes to a particular implementation of the protocol. Interactive Voice Response (IVR) based access control system is a prototype implementation of the AAAS protocol. The implementation has been evaluated against cost and benefits. In addition, AAAS protocol can be integrated with systems like Automated Teller Machine (ATM), Point of Sales (POS) terminals, web portals, phone booths and mobile devices for centralized user authentication.