Strong Authentication for Everyone Netcast Archive

Not a day goes by without news about online security breaches, usually involving user's password credentials being compromised. The obvious solution for improving the situation is the introduction of strong authentication, involving not just something the user knows (a password) but also something the user has (e.g. a mobile phone or some sort of token). The uptake of strong authentication in the research and education community has been slow. There are many reasons for this, but the most important one seems to be the complexity of deploying strong authentication in heterogeneous user groups (which include, for instance, students, staff, researchers, etc.). One approach for dealing with this is the deals that Internet2 has struck with vendors of two-factor authentication solutions which lower the cost barrier for deploying strong authentication. <br><br> SURFnet has taken a different, complementary, approach: we will be introducing what we call "Step-up Authentication-as-a-Service" into our identity federation, SURFconext. This service will allow users to register means for strong authentication without the burden for campuses of having to deploy strong authentication campus-wide. We believe this service will be of great benefit to both campus identity providers as well as to service providers requiring stronger forms of authentication. <br><br> In addition to this service deployment, SURFnet is also involved in more forward-looking work with respect to strong authentication. We are looking at a cutting edge strong authentication technology that takes the benefits of identity federations (the use of attributes) and uses these for strong authentication with smart cards in an extremely privacy-friendly way. This technology, called IRMA (http://www.irmacard.org/) has even greater potential than our Step-up Authentication service as it truely puts the user in control of a means for strong authentication. We collaborate with leading academic groups in this project and the project is seeing a healthy interest from both business as well as government. <br><br> In this session, we would like to show the benefits of both our Step-up Authentication-as-a-Service solution as well as give attendees a tantalizing glimpse into the future of strong authentication by showcasing the IRMA technology.