Strong Authentication for Everyone Netcast Archive
Posted on Aug 18, 2014
Tags:
Not a day goes by without news about online security breaches, usually
involving user's password credentials being compromised. The obvious
solution for improving the situation is the introduction of strong
authentication, involving not just something the user knows (a password)
but also something the user has (e.g. a mobile phone or some sort of
token). The uptake of strong authentication in the research and
education community has been slow. There are many reasons for this, but
the most important one seems to be the complexity of deploying strong
authentication in heterogeneous user groups (which include, for
instance, students, staff, researchers, etc.). One approach for dealing
with this is the deals that Internet2 has struck with vendors of
two-factor authentication solutions which lower the cost barrier for
deploying strong authentication.
<br><br>
SURFnet has taken a different, complementary, approach: we will be
introducing what we call "Step-up Authentication-as-a-Service" into our
identity federation, SURFconext. This service will allow users to
register means for strong authentication without the burden for campuses
of having to deploy strong authentication campus-wide. We believe this
service will be of great benefit to both campus identity providers as
well as to service providers requiring stronger forms of authentication.
<br><br>
In addition to this service deployment, SURFnet is also involved in more
forward-looking work with respect to strong authentication. We are
looking at a cutting edge strong authentication technology that takes
the benefits of identity federations (the use of attributes) and uses
these for strong authentication with smart cards in an extremely
privacy-friendly way. This technology, called IRMA
(http://www.irmacard.org/) has even greater potential than our Step-up
Authentication service as it truely puts the user in control of a means
for strong authentication. We collaborate with leading academic groups
in this project and the project is seeing a healthy interest from both
business as well as government.
<br><br>
In this session, we would like to show the benefits of both our Step-up
Authentication-as-a-Service solution as well as give attendees a
tantalizing glimpse into the future of strong authentication by
showcasing the IRMA technology.