Authentication Factors
taxonomy
Classification Objective
The objective of this classification is to inventory, characterize and compare authentication factors.
TODO
- Compile a quick version 1 of the list
- Complete it with a literature review
- List the key properties to characterize items
Authentication Methods
Class | Sub-class | Comments | Sources |
---|---|---|---|
Biometric Authentication | |||
Facial Recognition | |||
Fingerprint Scan | |||
Iris Scanner | |||
Keystroke Dynamics | |||
Voice Identification | |||
Certificate-based Authentication | |||
One-Time Passcode | |||
Email OTP | |||
Physical Token OTP | |||
Software / App OTP | |||
SMS OTP | |||
TAN Lists | |||
Voice OTP | |||
Password | |||
Security Question | |||
Single Sign-On (SSO) | |||
Token-based Authentication | Session authentication |
Standards
- Compile a list of authentication standards, even obsolete ones, then map these to the authentication methods
Challenge Handshake Authentication Protocol (CHAP)
Extensible Authentication Protocol (EAP)
IP Security (IPSec)
Kerberos
Microsoft CHAP (MS-CHAP)
Microsoft NTLM
OAuth
OpenID Connect
Password Authentication Protocol (PAP)
RADIUS
SAML
Shiva PAP (SPAP)
U2F
WebAuthN