Authentication Factors
taxonomy
Classification Objective
The objective of this classification is to inventory, characterize and compare authentication factors.
TODO
- Compile a quick version 1 of the list
- Complete it with a literature review
- List the key properties to characterize items
...
Authentication Factors
Knowledge factor
Possession factor
Inherence factor
Location factor
Time factor
Other key dimensions
In-band versus out-of-band authentication
Front-end versus back-end authentication / direct versus delegated authentication
Authentication Methods
Class | Sub-class | Comments | Sources | |||
---|---|---|---|---|---|---|
Biometric Authentication | ||||||
Brainwaves | ||||||
Facial Recognition | ||||||
Geo-localization (absolute or relative to computer system) | ||||||
Fingerprint Scan | ||||||
Gait Biometrics | ||||||
Hand Gestures | ||||||
Heartbeats | ||||||
Iris Scanner | ||||||
Keystroke Dynamics / Touchstroke Biometrics | ||||||
Knuckleprint Biometrics | ||||||
Multi-Modal Biometrics | ||||||
Palmprint Biometrics | ||||||
Voice Identification | ||||||
Certificate-based Authentication | ||||||
Hardware Token One-Time Passcode | ||||||
Email OTP | ||||||
Physical Token OTP | ||||||
Software / App OTP | ||||||
SMS OTP | ||||||
TAN Lists | ||||||
Voice OTP | ||||||
Password | ||||||
Graphical Password | ||||||
Personal Identification Number (PIN) | ||||||
Text Password | ||||||
Passphrase | ||||||
Security Question | ||||||
Single Sign-On (SSO) | ||||||
SMS One-Time Passcode | Software App One-Time Passcode | Token-based Authentication | Session authentication |
Standards
- Compile a list of authentication standards, even obsolete ones, then map these to the authentication methods
- Password Authentication Protocol (PAP)
Challenge Handshake Authentication Protocol (CHAP)
Extensible Authentication Protocol (EAP)
GrIDsure
IP Security (IPSec)
Kerberos
Microsoft CHAP (MS-CHAP)
Microsoft NTLM
OAuth
OpenID Connect
Password Authentication Protocol (PAP)
RADIUS
SAML
Shiva PAP (SPAP)
U2F
WebAuthN