PASSWORDLESS AND ONE-FACTOR AUTHORIZATION OF USERS WITH LIMITED SKILLS FOR EDUCATIONAL DISTANCE TECHNOLOGIES BASED ON GSM COMMUNICATION CHANNELS
DOI:
https://doi.org/10.31891/2307-5732-2024-341-5-16Keywords:
authorization, voice key, one-time password, passwordless, multiple access, authorization algorithmsAbstract
Issues of access restriction and user authorization are relevant for almost any information systems. The current situation in school’s education produces a row of challenges related to the necessity of involving into online education primary school students. The mentioned type of users is characterized by inattention, low self-organization, the absence of developed reading and writing skills, etc. The implementation of the distant education in our country was intensified due to the war and quarantine restrictions.
The need to ensure the appropriate level of reliability of data storage, their integrity, quick access, as well as the implementation of convenient user interfaces requires constant improvement of existing and development of new organizational and algorithmic solutions for hardware and software authorization in computer systems.
One of the possible solutions proposed by the authors is using one-time passwords with a limited validity period. The mentioned approach is not new. However, the practical implementation of the authorization algorithm, based on multifactor authorization, involves separated voice exchange channels to obtain a one-time password by the end user. The key aspect of the proposed approach is that the spectrum of such voice messages is distorted by fragments of random signals with controlled information entropy, and this makes it difficult for them to be automatically recognized by digital password interception systems.
During research, several methods were considered regarding the creation and transfer of a one-time password to the user for authorization in the information system. A solution based on using the voice channel of a cellular network is presented. Such an implementation requires usage of additional hardware, in particular a GSM modem, which is appropriate for systems operated within the borders of one country.
The solution based on using the GPRS channel and the corresponding software tools of the landline phone is presented. This implementation requires prior registration of the device in the information system as the initiator of creating a one-time password.
