Home // CYBER 2016, The First International Conference on Cyber-Technologies and Cyber-Systems // View article

Single Sign-On Webservice with Adaptable Multi Factor Authentication

Authors:
Sandra Kübler
Christian Rinjes
Anton Wiens
Michael Massoth

Keywords: web-based single sign-on; multi factor authentication; digital identity; security levels

Abstract:
Cybercrime activities have led to a global cost of 445 billion USD in 2014. Potential and attractive targets of cybercriminals are identity and access management systems. These are especially used by enterprises to better organize their employees’ credentials and privileges. Part of such a system can be a single sign-on service to reduce the number of different accounts/credentials of a user. To enhance security, multi factor authentication is slowly becoming more present in identity and access management systems and single sign-on services. In this paper, we will present a new approach to multi factor authentication in a web-based single sign-on service called SecureAID. This service is thought to be extensible and easy to implement for service providers, who are able to define their own (minimum) security levels. A security level defines which factors are required for a login to the service of a service provider. For a user, it is possible to define their own order in which factors are used, thus further improving usability. Additionally, a user is able to use an arbitrary number and type of factors, as long as the minimum security level defined by a service provider is met. This paper concludes with an evaluation of our approach.

Pages: 29 to 34

Copyright: Copyright (c) IARIA, 2016

Publication date: October 9, 2016

Published in: conference

ISSN: 2519-8599

ISBN: 978-1-61208-512-8

Location: Venice, Italy

Dates: from October 9, 2016 to October 13, 2016