Page
3
New Dimensions of Intelligent Authentication Systems
-
(Drafted Paper)
Veronica Venyo Agblewornu & Paul Danquah
Accra Inst
itute of Technology
ABSTRACT
Information Security is of
keen interest in this era of ever changing tec
hnology in computing,
where there are several reported cases of unauthorised users having access to classified
information despite the several mechanisms
to secure information. Against this backdrop, this
research work aims at designing
computer systems intelligent enough to differentiate between
the authorized and unauthorized user
,
as to know who
to
grant
to
access and whom to deny
access
, in the unpredic
table and dynamic environment. Machine learning techniques
coupled
with
some
effective cryptographic authentication mechanisms and multifactor authentication
tec
hniques
are implored
through the Prometheus Methodology
for the development of a generic
Intell
igent Authentication System, which could be used by any system.
The system learns by
induction and direct implantation of knowledge from any database the system is interfaced
with,
and
it uses the
k
nowledge
d
iscovery in
d
atabases to extract data from syste
m tables to
build its knowledge base.
It uses its intelligence to verify the identity of a user by randomly
selecting any of the authenticating mechanism
s
for use based on the use
rís access control level
in the
database and
the sensitivity of information t
he user wishes to access,
then authenticates
the userís true ownership
or privilege to
the data
or
information to be accessed
. This is achieved
by generating interrogative questio
ns from the data extracted under a
users account
from a
structured Intelligen
t Authentication System that is robust enough
to grant access to authorised
users and
prevent
u
nauthorized users from both access.
We modelled a framework of Intelligent
Authentication System with intelligent agents which could autonomously authenticate us
ers.
The system if implemented would be able to identify registered users, determine the context
sensitivity of the data to be accessed, randomise the authentication mechanisms every time user
attempts to log into the database and monitors interactive sess
ions between authenticated user
systems (computing devices) and the protected database systems.