Abstract

An architecture for providing multi-factor authentication as a service is proposed, resting on the principle of a loose coupling and separation of duties between network entities and end user devices. The multi-factor authentication architecture leverages Identity Federation and Single-Sign-On technologies, such as the OpenID framework, in order to provide for a modular integration of various factors of authentication. The architecture is robust and scalable enabling service providers to define risk-based authentication policies by way of assurance level requirements, which map to concrete authentication factor capabilities on user devices.

Links

https://ieeexplore.ieee.org/document/7130879

Citation

Shah, Y., Choyi, V., Schmidt, A.U., Subramanian, L., 2015. Multi-factor Authentication as a Service. Presented at the 2015 3rd IEEE International Conference on Mobile Cloud Computing, Services, and Engineering, pp. 144–150. https://doi.org/DOI 10.1109/MobileCloud.2015.35