Versions Compared

Old Version 14

changes.mady.by.user David Doret

Saved on

compared with

New Version Current

changes.mady.by.user David Doret

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Authentication Factors

taxonomy

Classification Objective

The objective of this classification is to inventory, characterize and compare authentication factors.

TODO

  •  Compile a quick version 1 of the list
  •  Complete it with a literature review
  •  List the key properties to characterize items

Classification

...

Item

...

Alternative Forms

...

Definition

...

Sources

...

Certificate-based Authentication

...

Password

...

Single Sign-On (SSO)

...

SMS One-Time Passcode

...

Jover, 2020

...

Software App One-Time Passcode

...

Authentication Factors

  • Knowledge factor

  • Possession factor

  • Inherence factor

  • Location factor

  • Time factor

Other key dimensions

  • In-band versus out-of-band authentication

  • Front-end versus back-end authentication / direct versus delegated authentication

Authentication Methods

Class

Sub-class

Comments

Sources

Biometric Authentication

Brainwaves

Facial Recognition

Geo-localization (absolute or relative to computer system)

Fingerprint Scan

Gait Biometrics

Hand Gestures

Heartbeats

Iris Scanner

Keystroke Dynamics / Touchstroke Biometrics

Knuckleprint Biometrics

Multi-Modal Biometrics

Palmprint Biometrics

Voice Identification

Certificate-based Authentication

One-Time Passcode

Email OTP

Physical Token OTP

Software / App OTP

SMS OTP

Jover, 2020

TAN Lists

Voice OTP

Password

Graphical Password

Personal Identification Number (PIN)

Text Password

Passphrase

Security Question

Single Sign-On (SSO)

Token-based Authentication

Session authentication

Standards

  •  Compile a list of authentication standards, even obsolete ones, then map these to the authentication methods
    Password Authentication Protocol (PAP)

  • Challenge Handshake Authentication Protocol (CHAP)

  • Extensible Authentication Protocol (EAP)

  • GrIDsure

  • IP Security (IPSec) 

  • Kerberos

  • Microsoft CHAP (MS-CHAP)

  • Microsoft NTLM

  • OAuth

  • OpenID Connect

  • Password Authentication Protocol (PAP)

  • RADIUS

  • SAML

  • Shiva PAP (SPAP)

  • U2F

  • WebAuthN

Bibliography