Best Authentication Technique to Protect Against Hijacking

B.

A continuous authentication provides protection against impostors who can see, alter, and insert information passed between the claimant and verifier even after the claimant/verifier authentication is complete.

This is the best protection against hijacking.

Static authentication is the type of authentication provided by traditional password schemes and the strength of the authentication is highly dependent on the difficulty of guessing passwords.

The robust authentication mechanism relies on dynamic authentication data that changes with each authenticated session between a claimant and a verifier, and it does not protect against hijacking.

Strong authentication refers to a two-factor authentication (like something a user knows and something a user is)

Source: TIPTON, Harold.

F.

& KRAUSE, Micki, Information Security Management Handbook, 4th edition (volume 1), 2000, CRC Press, Chapter 3: Secured Connections to External Networks (page 51).

The best authentication technique that protects against hijacking is Continuous authentication.

Static authentication refers to the process of authenticating a user once, and then granting them access for a set period of time without further verification. This method is vulnerable to hijacking as attackers can potentially steal the credentials and gain access to the system until the credentials expire.

Robust authentication refers to using multiple factors to authenticate a user, such as a combination of a password and a smart card. While this provides a higher level of security than static authentication, it is still susceptible to hijacking as the attacker can potentially steal both factors and use them to gain access.

Strong authentication, on the other hand, typically refers to using multi-factor authentication that includes at least two of the following factors: something the user knows (such as a password), something the user has (such as a smart card), and something the user is (such as biometric data). While this provides a high level of security, it is not foolproof and is still susceptible to hijacking if the attacker can bypass the additional authentication factors.

Continuous authentication, on the other hand, constantly monitors the user's behavior, such as keystroke dynamics, mouse movement, and other factors, to verify their identity throughout their session. This method provides the highest level of security against hijacking as it makes it difficult for an attacker to maintain control of the user's session even if they manage to steal their credentials.

In conclusion, while all the authentication techniques mentioned offer varying levels of security, continuous authentication is the best option to protect against hijacking.