Fall 2009 Day 1 - Advanced AuthN Topics

Scribe for Advanced Authentication

Moderator: Jens Smith

Authentication: tying a bag of protoplasm to a directory entry.

Desired topics:

  • Two-factor authentication
  • What to do in a portal when some content requires more rigorous authentication

Start with two-factor authentication broadly writ:

Gary Schwartz convinced that one-factor authN is no longer viable.

Benn relates Rutgers experience with SafeWord authentication tokens.

John Lewis relates story of VASCO.

Jens
Looked at SecurID. $100 per user per year was too spendy.
Certificate management. Too complex and painful. May be promising in future.
Certs on USB token. Aladdin.
SMS key.

Tom

Security auditors suggest two-factor authentication.
CryptoCard.

jlewis and apetro told story of

Different required LOAs for portlets

Proxy CAS analogy
Yale remember-me analogy

Apply LOA at framework level, or feed level-of-authN information down to the portlet.

http://rnd.feide.no/content/my-thoughts-about-slo

Discussion of single sign out, compromise solutions, branding.