Authentication Factor

From MgmtWiki
Revision as of 11:02, 20 March 2022 by Tom (talk | contribs) (Something you Have)

Jump to: navigation, search

Authentication Factors

Attributes or Credential that are used in support of Authentication of a user's Identifier.

Context

Taxonomy

Applicable only in this wiki page:

  • Authentication = the establishment of a link between some real-world entity (person or machine) and a digital identity.
  • Machine = any device that can attach to an Internet address.
  • Digital Identity = a User Object or a list of attribute attributed to you in an on-line database.
  • Digital Identifier = a collection of symbols that is used to find your digital identify in a data base
  • Passwordless = any online identification that does not include something you know.

Problems

  1. Authenticating yourself to a device in hand
  2. Authenticating yourself to a web site over the internet
  3. Authentication yourself to a physical access device

Something you Know

  • This is the oldest factor for creating a digital Identity.


Something you Have

Note that this case includes something called cross-device authentication which is logically indistinguishable from this case.

  • Usually a digital artifact that is able to create a one-time access code (aka a one-tine password)

Attacks

  • Attacker takes the device away from you
  • Attacker has a device that can spoof a Relying Party into thinking it iw working on your behalf.

Something you Are

References

Retrieved from "http://tcwiki.azurewebsites.net/index.php?title=Authentication_Factor&oldid=14124"