Authentication Factors
taxonomy
Classification Objective
The objective of this classification is to inventory, characterize and compare authentication factors.
TODO
- Compile a quick version 1 of the list
- Complete it with a literature review
- List the key properties to characterize items
...
Authentication Factors
Knowledge factor
Possession factor
Inherence factor
Location factor
Time factor
Other key dimensions
In-band versus out-of-band authentication
Front-end versus back-end authentication / direct versus delegated authentication
Authentication Methods
Class | Sub-class | Comments | Sources | |||
---|---|---|---|---|---|---|
Biometric Authentication | ||||||
Brainwaves | ||||||
Facial Recognition | ||||||
Geo-localization (absolute or relative to computer system) | ||||||
Fingerprint Scan | ||||||
Gait Biometrics | ||||||
Hand Gestures | ||||||
Heartbeats | ||||||
Iris Scanner | ||||||
Keystroke Dynamics / Touchstroke Biometrics | ||||||
Knuckleprint Biometrics | ||||||
Multi-Modal Biometrics | ||||||
Palmprint Biometrics | ||||||
Voice Identification | ||||||
Certificate-based Authentication | ||||||
Hardware Token One-Time Passcode | ||||||
Email OTP | ||||||
Physical Token OTP | ||||||
Software / App OTP | ||||||
SMS OTP | ||||||
TAN Lists | ||||||
Voice OTP | ||||||
Password | ||||||
Graphical Password | ||||||
Personal Identification Number (PIN) | ||||||
Text Password | ||||||
Passphrase | ||||||
Security Question | ||||||
Single Sign-On (SSO) | ||||||
SMS One-Time Passcode | Software App One-Time Passcode | Token-based Authentication | Session authentication |
Standards
- Compile a list of authentication standards, even obsolete ones, then map these to the authentication methods
Password Authentication Protocol (PAP)
Challenge Handshake Authentication Protocol (CHAP)
Extensible Authentication Protocol (EAP)
GrIDsure
IP Security (IPSec)
Kerberos
Microsoft CHAP (MS-CHAP)
Microsoft NTLM
OAuth
OpenID Connect
Password Authentication Protocol (PAP)
RADIUS
SAML
Shiva PAP (SPAP)
U2F
WebAuthN