Authentication Modeling with Five Generic Processes

Sabah Al-Fedaghi; MennatAllah Bayoumi

arXiv:1910.01597·cs.OH·October 4, 2019

Authentication Modeling with Five Generic Processes

Sabah Al-Fedaghi, MennatAllah Bayoumi

PDF

TL;DR

This paper introduces five generic processes for conceptual modeling of authentication systems, demonstrating their sufficiency in representing various schemes like PKI, biometric, and multifactor authentication.

Contribution

It proposes a new set of five generic processes to enhance the modeling of authentication systems, addressing limitations in existing modeling languages.

Findings

01

Five generic processes effectively model authentication schemes

02

The processes are applicable to PKI, biometric, and multifactor authentication

03

Current modeling languages lack the notion of genericity for security modeling

Abstract

Conceptual modeling is an essential tool in many fields of study, including security specification in information technology systems. As a model, it restricts access to resources and identifies possible threats to the system. We claim that current modeling languages (e.g., Unified Modeling Language, Business Process Model and Notation) lack the notion of genericity, which refers to a limited set of elementary processes. This paper proposes five generic processes for modeling the structural behavior of a system: creating, releasing, transferring, receiving, and processing. The paper demonstrates these processes within the context of public key infrastructure, biometric, and multifactor authentication. The results indicate that the proposed generic processes are sufficient to represent these authentication schemes.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.