Schematic Aid to Help Understand ‘Multi-Layer’ and ‘Multi-Entrance

In my latest post (*1), I referred to MFA which system designers of identity security systems often incorporate into their systems without clear knowledge of whether it is deployed in a multi-layer/in-series/conjunction formation or deployed in a multi-entrance/in-parallel/disjunction formation.

I today offer a schematic explanation below to help understand the opposite security effects of ‘multi-layer’ and ‘multi-entrance’ deployments.

*1 “Which MFA Configuration Adopted at OKTA?” (6Nov2023) https://www.linkedin.com/posts/hitoshikokumai_okta-hack-blamed-on-employee-using-personal-activity-7127186788212740097-0uHK

To the best of my knowledge, most of the MFA sold on the market involve probabilistic biometrics as an authentication factor and deployed in a security-destroying multi-entrance formation, on which I wrote a lot of comments (*2).

*2 “Probabilistic Biometrics Unravelled : How it brings down identity security” https://www.linkedin.com/pulse/biometrics-unravelled-password-dependent-hitoshi-kokumai/

Should you be trapped in a pitfall of wrongly deployed biometrics, I am always ready to help you to get out of the quagmire.