Single Point Authentication by Multiple Factor Authentication

Main Article Content

ปรัชญา ไชยเมือง
สมนึก พ่วงพรพิทักษ์
วิรัตน์ พงษ์ศิริ


- Nowadays, Single Point Authentication is very a significant to solve a distributed authentication process. Due to the Single Sign on (SS0) by LDAP is popular solution. However, it still has some security vulnerabilities because a password is also vulnerable to leaking and forgetful. Although, There have been several solutions, such as TFA and OTP proposed previously to enhance the password leaking and forgetfulness but, they still have a lot of drawbacks. This paper analyzes the drawbacks of the previous solutions; then design and implement a new solution using LDAP, Web Services, Java program and J2ME technologies. By designing the authentication process at a single point authenticator and using multi-factor authentication together with challenge-response new S/Key OTP techniques. The new design called “Single Point Authentication by Multiple Factors Authentication (SPA-MFA)”. From experiments/evaluation, SPA-MFA is very effective, low cost, cheap and easy to implement.

Article Details

How to Cite
ไชยเมือง ป., พ่วงพรพิทักษ์ ส., and พงษ์ศิริ ว., “Single Point Authentication by Multiple Factor Authentication”, JIST, vol. 3, no. 1, pp. 53–62, Jun. 2012.
Research Article: Soft Computing (Detail in Scope of Journal)


1. "Aradiom SolidPass", /SolidPass.

2. "AuthAnvil",

3. "FileID",

4. "FiveBarGate",

5. "Diversinet",

6. "VeriSign Identity Protection", https://www.syma

7. "Cellular Authentication Token", https://www.

8. "Mobile One Time Passwords", https://motp.

9. "1Key", /1key.

10. "Supported fingerprint scanners and sensors", https:// print-scanners.cgi.

11. "Mobile Popular",

12. "Strong Two Factor Authentication with RSA SecurID", SSH Communications Security Corp, Design Solution Report, November 2008.

13. "Communication technology trend and market report Quarter 3", The National Telecommunication Commission(NTC), Market Report 3, May 2008.

14. M. Benantar, Access control systems: security identity management and trust models, 2nd ed. Texas: Springer, 2006.

15. M. Bishop, Computer Security Art and Science, 1st ed. Massachusetts: Addison Wesley Professional, 2003.

16. M. Curtin, Brute force: cracking the data encryption standard, 1st ed. New York: Springer, 2005.

17. D. M'Raihi, M. Bellare, F. Hoornaert, D. Naccache, and O. Ranen, "HOTP: An HMAC-Based One-Time Password Algorithm", IETF, RFC 4226, December 2005.

18. S. Garfinkel, G. Spafford, and A. Schwartz, Practical UNIX and Internet Security, 3rd ed. California: O'Reilly Media, Inc, 2003.

19. K. Hausman and S. Cook, IT Architecture for Dummies, 3rd ed. New Jersey: Wiley Publishing Inc, 2011.

20. M. Hendry, Smart Card Security and Applications, 2nd ed. Washington D.C: Artech House, 2001.

21. S. Josefsson, "The Base16 Base32 and Base64 Data Encodings", IETF, RFC 4648, October 2006.

22. M.Wahl, "A Summary of the X.500(96) User Schema for use with LDAPv3", IETF, RFC 2256, December 1997.

23. N. Haller, C. Metz, P. Nesser, and M. Straw, "A One-Time Password System", IETF, RFC 2289, February 1998.

24. T. Plum and R. Bleiler, User authentication, 1st ed. Washington D.C: SPEC Kits, 2001.

25. D. M. Raihi, S.Machani, M.Pei, and J.Rydell, "TOTP: Time-Based One-Time Password Algorithm", IETF, RFC 6238, May 2011.

26. J. Sermersheim, "Lightweight Directory Access Protocol (LDAP):