Ignacio Velásquez scite author profile

There are multiple techniques for users to authenticate themselves in software applications, such as text passwords, smart cards, and biometrics. Two or more of these techniques can be combined to increase security, which is known as multifactor authentication. Systems commonly utilize authentication as part of their access control with the objective of protecting the information stored within them. However, the decision of what authentication technique to implement in a system is often taken by the software development team in charge of it. A poor decision during this step could lead to a fatal mistake in relation to security, creating the necessity for a method that systematizes this task. Thus, this book chapter presents a theoretical decision framework that tackles this issue by providing guidelines based on the evaluated application's characteristics and target context. These guidelines were defined through the application of an extensive action-research methodology in collaboration with experts from a multinational software development company.

show abstract

Aligning business strategy and information technologies in local governments using enterprise architectures

Gallegos-Baeza

Caro

Rodríguez

et al. 2021

Information Development

View full text Add to dashboard Cite

Nowadays, municipalities can provide services to citizens through information technologies, improving their massification and access. These are generally provided based on a country’s laws, but digitalization dissimilarities and the lack of guidelines complicate an equilibrium in their provision between the different municipalities of a country. On the other hand, enterprise architectures can be used for standardization, convergence, and interoperability in electronic governments, as they allow a holistic perspective for viewing the information technology resources of a municipality and aligning them with their business strategy. The current proposal emerges in this scenario, with the objective of presenting a method for developing reference enterprise architectures based on e-services and its use in a specific case. Concretely, a reference enterprise architecture has been developed for a set of minimum e-services that must be provided by Chilean municipalities.

show abstract

Framework for the Comparison and Selection of Schemes for Multi-Factor Authentication

Velásquez

2021

CLEIej

View full text Add to dashboard Cite

Authentication is the process of verifying a user’s identity for them to access a system’s resources. An authentication factor is a piece of information used for this authentication. Three well-known groups of authentication factors exist: knowledge-based (what you know), possession-based (what you have) and inherence-based (what you are). Authentication schemes belonging to distinct authentication factors can be combined in a multi-factor manner to increase security. Although multiple multi-factor proposals are seen in literature, the absence of a method that allows a proper comparison and selection of these authentication methods, based on an application’s security requirements, can be observed. Existing frameworks for the analysis of authentication methods have been identified through the realization of a systematic literature review, but most of these focus on specific contexts and do not provide a generic enough solution. Due to the above, this research focuses on the creation of a recommendation framework that guides in the comparison and selection of single and multi-factor authentication schemes, considering both the application’s requirements and its context. This has been attained not only through the knowledge found in literature, but the experience from industry experts has been compiled as well through the collaboration with a multinational software development company. Consequently, the knowledge found in literature has been obtained from a systematic literature review, whereas the experience from industry experts was obtained through a survey and interviews. The framework proposal has been generated based on the above and has been validated through an expert panel and a case study methodology in collaboration with the partnered software development company. A tool prototype has been constructed as well. The result is a recommendation framework for the comparison and selection of authentication methods that can support this decision process in multiple contexts.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.