Publikation:

X.509 User Certificate-based Two-Factor Authentication for Web Applications

Vorschaubild

Dateien

Zink_0-409447.pdf
Zink_0-409447.pdfGröße: 390.75 KBDownloads: 956

Datum

2017

Autor:innen

Herausgeber:innen

Kontakt

ISSN der Zeitschrift

Electronic ISSN

ISBN

Bibliografische Daten

Verlag

Schriftenreihe

Auflagebezeichnung

URI (zitierfähiger Link)
http://nbn-resolving.de/urn:nbn:de:bsz:352-0-409447
DOI (zitierfähiger Link)
ArXiv-ID

Internationale Patentnummer

Link zur Lizenz
Urheberrechtlich geschützt

Angaben zur Forschungsförderung

Projekt

Open Access-Veröffentlichung
Open Access Green

Sammlungen

Informatik und Informationswissenschaft: Publikationen
Core Facility der Universität Konstanz

Gesperrt bis

Titel in einer weiteren Sprache

Publikationstyp
Beitrag zu einem Konferenzband
Publikationsstatus
Published

Erschienen in

MÜLLER, Paul, ed., Bernhard NEUMAIR, ed., Helmut REISER, ed., Gabi DREO RODOSEK, ed.. 10. DFN-Forum Kommunikationstechnologien : Proceedings. Bonn: Gesellschaft für Informatik, 2017, pp. 51-61. GI-Edition Lecture Notes in Informatics (LNI). 271. ISSN 1617-5468. ISBN 978-3-88579-665-7

Zusammenfassung

An appealing property to researchers, educators, and students is the openness of the physical environment and IT infrastructure of their organizations. However, to the IT administration, this creates challenges way beyond those of a single-purpose business or administration. Especially the personally identifiable information or the power of the critical functions behind these logins, such as financial transactions or manipulating user accounts, require extra protection in the heterogeneous educational environment with single-sign-on. However, most web-based environments still lack a reasonable second-factor protection or at least the enforcement of it for privileged operations without hindering normal usage.

In this paper we introduce a novel and surprisingly simple yet extremely flexible way to implement two-factor authentication based on X.509 user certificates in web applications. Our solution requires only a few lines of code in web server configuration and none in the application source code for basic protection. Furthermore, since it is based on X.509 certificates, it can be easily combined with smartcards or USB cryptotokens to further enhance security.

Zusammenfassung in einer weiteren Sprache

Fachgebiet (DDC)
004 Informatik

Schlagwörter

multi-factor-authentication, authentication, crypto token, S/MIME, certificate, X.509

Konferenz

10. DFN-Forum Kommunikationstechnologien, 30. Mai 2017 - 31. Mai 2017, Berlin
Rezension
undefined / . - undefined, undefined

Forschungsvorhaben

Organisationseinheiten

Zeitschriftenheft

Zugehörige Datensätze in KOPS

Zitieren

ISO 690ZINK, Thomas, Marcel WALDVOGEL, 2017. X.509 User Certificate-based Two-Factor Authentication for Web Applications. 10. DFN-Forum Kommunikationstechnologien. Berlin, 30. Mai 2017 - 31. Mai 2017. In: MÜLLER, Paul, ed., Bernhard NEUMAIR, ed., Helmut REISER, ed., Gabi DREO RODOSEK, ed.. 10. DFN-Forum Kommunikationstechnologien : Proceedings. Bonn: Gesellschaft für Informatik, 2017, pp. 51-61. GI-Edition Lecture Notes in Informatics (LNI). 271. ISSN 1617-5468. ISBN 978-3-88579-665-7
BibTex
@inproceedings{Zink2017Certi-39163,
  year={2017},
  title={X.509 User Certificate-based Two-Factor Authentication for Web Applications},
  number={271},
  isbn={978-3-88579-665-7},
  issn={1617-5468},
  publisher={Gesellschaft für Informatik},
  address={Bonn},
  series={GI-Edition Lecture Notes in Informatics (LNI)},
  booktitle={10. DFN-Forum Kommunikationstechnologien : Proceedings},
  pages={51--61},
  editor={Müller, Paul and Neumair, Bernhard and Reiser, Helmut and Dreo Rodosek, Gabi},
  author={Zink, Thomas and Waldvogel, Marcel}
}
RDF
<rdf:RDF
    xmlns:dcterms="http://purl.org/dc/terms/"
    xmlns:dc="http://purl.org/dc/elements/1.1/"
    xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
    xmlns:bibo="http://purl.org/ontology/bibo/"
    xmlns:dspace="http://digital-repositories.org/ontologies/dspace/0.1.0#"
    xmlns:foaf="http://xmlns.com/foaf/0.1/"
    xmlns:void="http://rdfs.org/ns/void#"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema#" > 
  <rdf:Description rdf:about="https://kops.uni-konstanz.de/server/rdf/resource/123456789/39163">
    <dc:rights>terms-of-use</dc:rights>
    <dspace:isPartOfCollection rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/36"/>
    <dc:creator>Zink, Thomas</dc:creator>
    <void:sparqlEndpoint rdf:resource="http://localhost/fuseki/dspace/sparql"/>
    <dspace:hasBitstream rdf:resource="https://kops.uni-konstanz.de/bitstream/123456789/39163/3/Zink_0-409447.pdf"/>
    <dcterms:rights rdf:resource="https://rightsstatements.org/page/InC/1.0/"/>
    <dc:date rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2017-06-07T14:01:05Z</dc:date>
    <dcterms:available rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2017-06-07T14:01:05Z</dcterms:available>
    <dc:contributor>Waldvogel, Marcel</dc:contributor>
    <dcterms:hasPart rdf:resource="https://kops.uni-konstanz.de/bitstream/123456789/39163/3/Zink_0-409447.pdf"/>
    <dc:language>eng</dc:language>
    <dcterms:title>X.509 User Certificate-based Two-Factor Authentication for Web Applications</dcterms:title>
    <dc:contributor>Zink, Thomas</dc:contributor>
    <dc:creator>Waldvogel, Marcel</dc:creator>
    <dcterms:abstract xml:lang="eng">An appealing property to researchers, educators, and students is the openness of the physical environment and IT infrastructure of their organizations. However, to the IT administration, this creates challenges way beyond those of a single-purpose business or administration. Especially the personally identifiable information or the power of the critical functions behind these logins, such as financial transactions or manipulating user accounts, require extra protection in the heterogeneous educational environment with single-sign-on. However, most web-based environments still lack a reasonable second-factor protection or at least the enforcement of it for privileged operations without hindering normal usage.&lt;br /&gt;&lt;br /&gt;In this paper we introduce a novel and surprisingly simple yet extremely flexible way to implement two-factor authentication based on X.509 user certificates in web applications. Our solution requires only a few lines of code in web server configuration and none in the application source code for basic protection. Furthermore, since it is based on X.509 certificates, it can be easily combined with smartcards or USB cryptotokens to further enhance security.</dcterms:abstract>
    <dcterms:issued>2017</dcterms:issued>
    <dcterms:isPartOf rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/36"/>
    <bibo:uri rdf:resource="https://kops.uni-konstanz.de/handle/123456789/39163"/>
    <foaf:homepage rdf:resource="http://localhost:8080/"/>
  </rdf:Description>
</rdf:RDF>

Interner Vermerk

xmlui.Submission.submit.DescribeStep.inputForms.label.kops_note_fromSubmitter

Kontakt
URL der Originalveröffentl.

Prüfdatum der URL

Prüfungsdatum der Dissertation

Finanzierungsart

Kommentar zur Publikation

Allianzlizenz
Corresponding Authors der Uni Konstanz vorhanden
Internationale Co-Autor:innen
Universitätsbibliographie
Ja
Begutachtet
Diese Publikation teilen