The Use of Two Authentication Factors to Enhance the Security of Mass Storage Devices

Recently, removable (external USB) mass storage devices are finding widespread utilization for transferring and backing up data. They even can be used as bootable devices. They have brought us great convenience, yet, simultaneously, they are very vulnerable to the extraction of private and confidential data from computer systems. Some access authentication schemes have been proposed for removable storage media as means of ensuring the security of the data. For the most part, such schemes use an Internet connection and a main server as a trusted third party, which generally provides an inadequate level of security. In this paper, we analyze the security risks of these schemes and propose a novel approach that takes into account both the users and the physical properties of the media so as to join the user and removable storage media. We involve users´ smart-phones in the authentication process as a second authentication factor. Then, only legitimate users can authenticate themselves with their smart-phones to obtain access to their removable storage media. An analysis of the security associated with this scheme is presented. Our mechanism will leverage the general public to secure their credentials through their USB storage devices, without the need of an Internet connection or communication with a trusted third party.