Authentication Factors

Authentication Factors

taxonomy

Classification Objective

The objective of this classification is to inventory, characterize and compare authentication factors.

TODO

Compile a quick version 1 of the list
Complete it with a literature review
List the key properties to characterize items

Authentication Factors

  • Knowledge factor

  • Possession factor

  • Inherence factor

  • Location factor

  • Time factor

Other key dimensions

  • In-band versus out-of-band authentication

  • Front-end versus back-end authentication / direct versus delegated authentication

Authentication Methods

Class

Sub-class

Comments

Sources

Class

Sub-class

Comments

Sources

Biometric Authentication

 

 

 

 

Brainwaves

 

 

 

Facial Recognition

 

 

 

Geo-localization (absolute or relative to computer system)

 

 

 

Fingerprint Scan

 

 

 

Gait Biometrics

 

 

 

Hand Gestures

 

 

 

Heartbeats

 

 

 

Iris Scanner

 

 

 

Keystroke Dynamics / Touchstroke Biometrics

 

 

 

Knuckleprint Biometrics

 

 

 

Multi-Modal Biometrics

 

 

 

Palmprint Biometrics

 

 

 

Voice Identification

 

 

Certificate-based Authentication

 

 

 

One-Time Passcode

 

 

 

 

Email OTP

 

 

 

Physical Token OTP

 

 

 

Software / App OTP

 

 

 

SMS OTP

 

https://open-measure.atlassian.net/wiki/spaces/BIB/pages/1348763922

 

TAN Lists

 

 

 

Voice OTP

 

 

Password

 

 

 

 

Graphical Password

 

 

 

Personal Identification Number (PIN)

 

 

 

Text Password

 

 

 

Passphrase

 

 

Security Question

 

 

 

Single Sign-On (SSO)

 

 

 

Token-based Authentication

 

Session authentication

 

Standards

Compile a list of authentication standards, even obsolete ones, then map these to the authentication methods
  • Challenge Handshake Authentication Protocol (CHAP)

  • Extensible Authentication Protocol (EAP)

  • GrIDsure

  • IP Security (IPSec) 

  • Kerberos

  • Microsoft CHAP (MS-CHAP)

  • Microsoft NTLM

  • OAuth

  • OpenID Connect

  • Password Authentication Protocol (PAP)

  • RADIUS

  • SAML

  • Shiva PAP (SPAP)

  • U2F

  • WebAuthN

Bibliography

 


Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.


This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.