Abstract
Authentication is of paramount importance for all modern networked applications. The username/password paradigm is ubiquitous. This paradigm suffices for many applications that require a relatively low level of assurance about the identity of the end user, but it quickly breaks down when a stronger assertion of the user’s identity is required. Traditionally, this is where two- or multi-factor authentication comes in, providing a higher level of assurance. There is a multitude of two-factor authentication solutions available, but we feel that many solutions do not meet the needs of our community. They are invariably expensive, difficult to roll out in heterogeneous user groups (like student populations), often closed source and closed technology and have usability problems that make them hard to use. In this paper we will give an overview of the two-factor au- thentication landscape and address the issues of closed versus open solutions. We will introduce a novel open standards-based authentication technology that we have developed and released in open source. We will then provide a classification of two-factor authentication technologies, and we will finish with an overview of future work.
Original language | Undefined |
---|---|
Pages | 81-97 |
Number of pages | 17 |
Publication status | Published - 4 Dec 2011 |
Event | 25th Large Installation System Administration Conference, LISA 2011 - Boston, MA, USA Duration: 4 Dec 2011 → 9 Dec 2011 |
Conference
Conference | 25th Large Installation System Administration Conference, LISA 2011 |
---|---|
Period | 4/12/11 → 9/12/11 |
Other | 4-9 December 2011 |
Keywords
- Authentication
- two-factor authentication
- IR-93961
- Security
- EWI-25210