Scribe for Advanced Authentication
Moderator: Jens Smith
Authentication: tying a bag of protoplasm to a directory entry.
Desired topics:
- Two-factor authentication
- What to do in a portal when some content requires more rigorous authentication
Start with two-factor authentication broadly writ:
Gary Schwartz convinced that one-factor authN no longer viable
Benn relates Rutgers experience with SafeWord authentication tokens.
John Lewis relates story of VASCO.
Jens
Looked at SecureId. $100 per user per year was too spendy.
Certificate management. Too complex and painful. May be promising in future.
Certs on USB token. Aladdin.
SMS key.
Tom
Security auditors suggest two-factor authentication.
CryptoCard.
jlewis and apetro told story of
Different required LOAs for portlets
Proxy CAS analogy
Yale remember-me analogy
Apply LOA at framework level, or feed level of authN information down to the portlet.
http://rnd.feide.no/content/my-thoughts-about-slo
Discussion of single sign out, compromise solutions, branding.