Logo des Repositoriums
 

X.509 User Certificate-based Two-Factor Authentication for Web Applications

dc.contributor.authorWaldvogel, Marcel
dc.contributor.authorZink, Thomas
dc.contributor.editorMüller, Paul
dc.contributor.editorNeumair, Bernhard
dc.contributor.editorRaiser, Helmut
dc.contributor.editorDreo Rodosek, Gabi
dc.date.accessioned2017-06-20T11:04:54Z
dc.date.available2017-06-20T11:04:54Z
dc.date.issued2017
dc.description.abstractAn appealing property to researchers, educators, and students is the openness of the phys­ical environment and IT infrastructure of their organizations. However, to the IT administration, this creates challenges way beyond those of a single-purpose business or administration. Especially the personally identifiable information or the power of the critical functions behind these logins, such as financial transactions or manipulating user accounts, require extra protection in the heterogeneous educational environment with single-sign-on. However, most web-based environments still Jack a reasonable second-factor protection or at least the enforcement of it for privileged operations with­out hindering normal usage. In this paper we introduce a novel and surprisingly simple yet extremely flexible way to irnplement two-factor authentication based on X.509 user certificates in web applications. Our solution requires only a few !irres of code in web server configuration and none in the application source code for basic protection. Furthermore, since it is based on X.509 certificates, it can be easily combined with smartcards or USB cryptotokens to further enhance security.
dc.identifier.isbn978-3-88579-665-7
dc.identifier.pissn1617-5468
dc.language.isoen
dc.publisherGesellschaft für Informatik e.V.
dc.relation.ispartof10. DFN-Forum Kommunikationstechnologien
dc.relation.ispartofseriesLecture Notes in Informatics (LNI) - Proceedings, Volume P-271
dc.subjectmulti-factor-authentication
dc.subjectauthentication
dc.subjectcrypto token
dc.subjectS/MIME
dc.subjectcertificate
dc.subjectX.509
dc.titleX.509 User Certificate-based Two-Factor Authentication for Web Applications
dc.typeText/Conference Paper
gi.citation.endPage61
gi.citation.publisherPlaceBonn
gi.citation.startPage51
gi.conference.date30.-31. Mai 2017
gi.conference.locationBerlin
gi.conference.sessiontitleSicherheit

Dateien

Originalbündel
1 - 1 von 1
Lade...
Vorschaubild
Name:
paper05.pdf
Größe:
281.76 KB
Format:
Adobe Portable Document Format