X.509 User Certificate-based Two-Factor Authentication for Web Applications

Zitieren

Dateien zu dieser Ressource

Prüfsumme: MD5:7aebf34d861227982b27f613791c366e

ZINK, Thomas, Marcel WALDVOGEL, 2017. X.509 User Certificate-based Two-Factor Authentication for Web Applications. 10. DFN-Forum Kommunikationstechnologien. Berlin, 30. Mai 2017 - 31. Mai 2017. In: MÜLLER, Paul, ed., Bernhard NEUMAIR, ed., Helmut REISER, ed., Gabi DREO RODOSEK, ed.. 10. DFN-Forum Kommunikationstechnologien : Proceedings. 10. DFN-Forum Kommunikationstechnologien. Berlin, 30. Mai 2017 - 31. Mai 2017. Bonn:Gesellschaft für Informatik, pp. 51-61. ISSN 1617-5468. ISBN 978-3-88579-665-7

@inproceedings{Zink2017X.509-39163, title={X.509 User Certificate-based Two-Factor Authentication for Web Applications}, year={2017}, number={271}, isbn={978-3-88579-665-7}, issn={1617-5468}, address={Bonn}, publisher={Gesellschaft für Informatik}, series={GI-Edition Lecture Notes in Informatics (LNI)}, booktitle={10. DFN-Forum Kommunikationstechnologien : Proceedings}, pages={51--61}, editor={Müller, Paul and Neumair, Bernhard and Reiser, Helmut and Dreo Rodosek, Gabi}, author={Zink, Thomas and Waldvogel, Marcel} }

An appealing property to researchers, educators, and students is the openness of the physical environment and IT infrastructure of their organizations. However, to the IT administration, this creates challenges way beyond those of a single-purpose business or administration. Especially the personally identifiable information or the power of the critical functions behind these logins, such as financial transactions or manipulating user accounts, require extra protection in the heterogeneous educational environment with single-sign-on. However, most web-based environments still lack a reasonable second-factor protection or at least the enforcement of it for privileged operations without hindering normal usage.<br /><br />In this paper we introduce a novel and surprisingly simple yet extremely flexible way to implement two-factor authentication based on X.509 user certificates in web applications. Our solution requires only a few lines of code in web server configuration and none in the application source code for basic protection. Furthermore, since it is based on X.509 certificates, it can be easily combined with smartcards or USB cryptotokens to further enhance security. 2017-06-07T14:01:05Z 2017 X.509 User Certificate-based Two-Factor Authentication for Web Applications Waldvogel, Marcel eng Zink, Thomas Zink, Thomas Waldvogel, Marcel 2017-06-07T14:01:05Z

Dateiabrufe seit 07.06.2017 (Informationen über die Zugriffsstatistik)

Zink_0-409447.pdf 60

Das Dokument erscheint in:

KOPS Suche


Stöbern

Mein Benutzerkonto