Internet2

Multifactor Authentication: It isn't just for the auditors anymore.

October 03, 2011, 3:00 PM - 4:00 PM
GMT -4 EDT
Location: 302C
Add to iCal Add to Google Calendar
Session Abstract Duke University is working toward implementing multifactor authentication in both our Shibbolized web environments and more traditional client-server environments. To some extent, the implementation is driven by the classic enterprise requirements -- transactions that expose the institution to significant risk require higher-assurance authentication than passwords alone can provide. We are mindful of an additional driver, however, in the desire of end users to self-select for heightened security based on their personal comfort levels (and their estimation of their own degree of credential exposure, conditioned by their own individual behaviors and password hygiene). In this session, we will describe our approach to providing flexible multifactor authentication options to both service providers and end-users on campus, potentially demonstrating the model in action. We'll also discuss the challenges and opportunities that may arise with the approach as it expands to address federated use cases as well as local, unfederated use cases.

If you attended this meeting, please fill out the Session Evaluation

Related Topic Areas

Silver Sponsors

Bronze Sponsors

Supporter Sponsors