2016 Technology Exchange

Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID

Mischief Managed NOW: Securing Campus SSO with Multi-Factor Authentication

Time 09/27/16 09:00AM-09:50AM

Room Bayfront A

Session Abstract

Many campuses have little or no defense against the common and effective
social engineering attack known as “phishing”, which exposes user
passwords and other confidential information, compromising accounts,
systems, and resources. Multi-Factor Authentication (MFA) provides a
second layer of defense against unauthorized access to campus resources by
requiring both knowledge of an id and password and physical access to a
pre-registered device such as a mobile phone in order to access campus
services. The University of Notre Dame, the University of Southern
California, Duke University, and UCLA have each implemented the Duo
Security product under the InCommon license agreement, providing MFA
protection for their web-based SSO systems - Shibboleth and CAS. This
presentation will compare and contrast these implementations and provide
insight into key factors that necessitated resources and expenditures
beyond the software license.


Speaker Brendan Bellina University of California - Los Angeles

Speaker Russell Beall University of Southern California

Speaker Derek Owens University of Notre Dame

Speaker Rob Carter Duke University

Primary track Trust and Identity

Secondary tracks Information Security

platinum Sponsors

gold Sponsors

silver Sponsors

supporter Sponsors