X.509 User Certificate-based Two-Factor Authentication For Web Applications

Publikationstyp: Working Paper/Technical Report
Publikationsstatus: Published
URI (zitierfähiger Link): http://nbn-resolving.de/urn:nbn:de:bsz:352-0-414673
Autor/innen: Zink, Thomas; Waldvogel, Marcel
Erscheinungsjahr: 2017
Schriftenreihe: Distributed Systems Group Technical Report ; KN-2017-DISY-03
Zusammenfassung:
An appealing property to researchers, educators, and students is the openness of the physical environment and IT infrastructure of their organizations. However, to the IT administration, this creates challenges way beyond those of a single-purpose business or administration. Especially the personally identifiable information or the power of the critical functions behind these logins, such as financial transactions or manipulating user accounts, require extra protection in the heterogeneous educational environment with single-sign-on. However, most web-based environments still lack a reasonable second-factor protection or at least the enforcement of it for privileged operations without hindering normal usage.
In this paper we introduce a novel and surprisingly simple yet extremely exible way to implement two-factor authentication based on X.509 user certificates in web applications. Our solution requires only a few lines of code in web server configuration and none in the application source code for basic protection. Furthermore, since it is based on X.509 certificates, it can be easily combined with smartcards or USB cryptotokens to further enhance security.
Fachgebiet (DDC): 004 Informatik
Schlagwörter: MFA, 2FA, Authentication, OTP, X.509, S/MIME
Link zur Lizenz: Nutzungsbedingungen
Universitätsbibliographie: Ja

Zitieren

Dateien zu dieser Ressource

[PDF]
Name: Zink_0-414673.pdf
Größe: 7.943Mb
Format: PDF
Öffnen
Prüfsumme: MD5:bfeb90495d780bccea3f422f43af26a7

ZINK, Thomas, Marcel WALDVOGEL, 2017. X.509 User Certificate-based Two-Factor Authentication For Web Applications

@techreport{Zink2017Certi-39574, series={Distributed Systems Group Technical Report}, title={X.509 User Certificate-based Two-Factor Authentication For Web Applications}, year={2017}, number={KN-2017-DISY-03}, author={Zink, Thomas and Waldvogel, Marcel} }

Zink, Thomas eng X.509 User Certificate-based Two-Factor Authentication For Web Applications terms-of-use 2017-07-13T12:05:39Z Waldvogel, Marcel 2017-07-13T12:05:39Z Zink, Thomas An appealing property to researchers, educators, and students is the openness of the physical environment and IT infrastructure of their organizations. However, to the IT administration, this creates challenges way beyond those of a single-purpose business or administration. Especially the personally identifiable information or the power of the critical functions behind these logins, such as financial transactions or manipulating user accounts, require extra protection in the heterogeneous educational environment with single-sign-on. However, most web-based environments still lack a reasonable second-factor protection or at least the enforcement of it for privileged operations without hindering normal usage.<br />In this paper we introduce a novel and surprisingly simple yet extremely exible way to implement two-factor authentication based on X.509 user certificates in web applications. Our solution requires only a few lines of code in web server configuration and none in the application source code for basic protection. Furthermore, since it is based on X.509 certificates, it can be easily combined with smartcards or USB cryptotokens to further enhance security. Waldvogel, Marcel 2017

Dateiabrufe seit 13.07.2017 (Informationen über die Zugriffsstatistik)

Zink_0-414673.pdf 1331

Das Dokument erscheint in:

KOPS Suche


Stöbern

Mein Benutzerkonto