Explore the Relationship between Authentication Factor Multiplicity and Composite Vulnerability Exposures

With the continued expansion and adoption of multi-factor authentication technologies within organizations across industries, there exists a need to determine the relationship between composite vulnerability exposures and the multiplicity of authentication factors. To meet this need, we propose a power curve formula for the relationship between these variables, demonstrating the wellness of fit to generalized data sets. We provide an extension to the Common Vulnerability Scoring System (CVSS) v3 calculator, allowing the characterization of combined Common Vulnerability Exposure (CVE) in an objective and repeatable means, demonstrating the capabilities of that extent. This paper explores the potential for future work derived from the proposed mathematical formula representation of the relationship between authentication factor multiplicity and composite vulnerability scores.