2013 Internet2 Annual Meeting

close
Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID

Your organization not listed? Create a local account to use Internet2 services.

Create SiteID

Strong Authentication for Everyone

Time 04/23/13 04:30PM-05:30PM

Session Abstract

Not a day goes by without news about online security breaches, usually
involving user's password credentials being compromised. The obvious
solution for improving the situation is the introduction of strong
authentication, involving not just something the user knows (a password)
but also something the user has (e.g. a mobile phone or some sort of
token). The uptake of strong authentication in the research and
education community has been slow. There are many reasons for this, but
the most important one seems to be the complexity of deploying strong
authentication in heterogeneous user groups (which include, for
instance, students, staff, researchers, etc.). One approach for dealing
with this is the deals that Internet2 has struck with vendors of
two-factor authentication solutions which lower the cost barrier for
deploying strong authentication.



SURFnet has taken a different, complementary, approach: we will be
introducing what we call "Step-up Authentication-as-a-Service" into our
identity federation, SURFconext. This service will allow users to
register means for strong authentication without the burden for campuses
of having to deploy strong authentication campus-wide. We believe this
service will be of great benefit to both campus identity providers as
well as to service providers requiring stronger forms of authentication.



In addition to this service deployment, SURFnet is also involved in more
forward-looking work with respect to strong authentication. We are
looking at a cutting edge strong authentication technology that takes
the benefits of identity federations (the use of attributes) and uses
these for strong authentication with smart cards in an extremely
privacy-friendly way. This technology, called IRMA
(http://www.irmacard.org/) has even greater potential than our Step-up
Authentication service as it truely puts the user in control of a means
for strong authentication. We collaborate with leading academic groups
in this project and the project is seeing a healthy interest from both
business as well as government.



In this session, we would like to show the benefits of both our Step-up
Authentication-as-a-Service solution as well as give attendees a
tantalizing glimpse into the future of strong authentication by
showcasing the IRMA technology.

Speakers

Speaker Roland van Rijswijk SURFnet

Speaker Pieter van der Meulen SURFnet

Presentation Media

Session Media

media item thumbnail Strong Authentication for Everyone Netcast Archive Not a day goes by without news about online security breaches, usually involving user's password credentials being compromised. The obvious solution for improving the situation is the introduction of strong authentication, involving not just something the user knows (a password) but also something the user has (e.g. a mobile phone or some sort of token). The uptake of strong authentication in the research and education community has been slow. There are many reasons for this, but the most important one seems to be the complexity of deploying strong authentication in heterogeneous user groups (which include, for instance, students, staff, researchers, etc.). One approach for dealing with this is the deals that Internet2 has struck with vendors of two-factor authentication solutions which lower the cost barrier for deploying strong authentication. SURFnet has taken a different, complementary, approach: we will be introducing what we call "Step-up Authentication-as-a-Service" into our identity federation, SURFconext. This service will allow users to register means for strong authentication without the burden for campuses of having to deploy strong authentication campus-wide. We believe this service will be of great benefit to both campus identity providers as well as to service providers requiring stronger forms of authentication. In addition to this service deployment, SURFnet is also involved in more forward-looking work with respect to strong authentication. We are looking at a cutting edge strong authentication technology that takes the benefits of identity federations (the use of attributes) and uses these for strong authentication with smart cards in an extremely privacy-friendly way. This technology, called IRMA (http://www.irmacard.org/) has even greater potential than our Step-up Authentication service as it truely puts the user in control of a means for strong authentication. We collaborate with leading academic groups in this project and the project is seeing a healthy interest from both business as well as government. In this session, we would like to show the benefits of both our Step-up Authentication-as-a-Service solution as well as give attendees a tantalizing glimpse into the future of strong authentication by showcasing the IRMA technology. media item thumbnail Strong Authentication for Everyone Netcast Archive Not a day goes by without news about online security breaches, usually involving user's password credentials being compromised. The obvious solution for improving the situation is the introduction of strong authentication, involving not just something the user knows (a password) but also something the user has (e.g. a mobile phone or some sort of token). The uptake of strong authentication in the research and education community has been slow. There are many reasons for this, but the most important one seems to be the complexity of deploying strong authentication in heterogeneous user groups (which include, for instance, students, staff, researchers, etc.). One approach for dealing with this is the deals that Internet2 has struck with vendors of two-factor authentication solutions which lower the cost barrier for deploying strong authentication. SURFnet has taken a different, complementary, approach: we will be introducing what we call "Step-up Authentication-as-a-Service" into our identity federation, SURFconext. This service will allow users to register means for strong authentication without the burden for campuses of having to deploy strong authentication campus-wide. We believe this service will be of great benefit to both campus identity providers as well as to service providers requiring stronger forms of authentication. In addition to this service deployment, SURFnet is also involved in more forward-looking work with respect to strong authentication. We are looking at a cutting edge strong authentication technology that takes the benefits of identity federations (the use of attributes) and uses these for strong authentication with smart cards in an extremely privacy-friendly way. This technology, called IRMA (http://www.irmacard.org/) has even greater potential than our Step-up Authentication service as it truely puts the user in control of a means for strong authentication. We collaborate with leading academic groups in this project and the project is seeing a healthy interest from both business as well as government. In this session, we would like to show the benefits of both our Step-up Authentication-as-a-Service solution as well as give attendees a tantalizing glimpse into the future of strong authentication by showcasing the IRMA technology.

platinum Sponsors

gold Sponsors

silver Sponsors

supporter Sponsors