Difference between revisions of "Progressive Authentication"
From MgmtWiki
(→Context) |
(→Context) |
||
Line 3: | Line 3: | ||
==Context== | ==Context== | ||
+ | |||
+ | Then general use case<ref>Tom Jones ''Trust Elevation Use Case'' https://wiki.idesg.org/wiki/index.php?title=Trust_Elevation_Use_Case</ref> is where trust elevation must occur during the | ||
NSA Blacker | NSA Blacker |
Revision as of 20:42, 14 June 2018
Full Definition or Meme
When the exact nature of the user request is unknown, it is best to authentication in the least obtrusive manner, which is typically not at the highest level they might need later in the interchange.
Context
Then general use case[1] is where trust elevation must occur during the
NSA Blacker
When mobile device became common it was early realized that the blacker solution was not feasible and progressive authentication was proposed[2]
Problems
Solutions
References
- ↑ Tom Jones Trust Elevation Use Case https://wiki.idesg.org/wiki/index.php?title=Trust_Elevation_Use_Case
- ↑ Oriana Riva +3 Progressive authentication: deciding when to authenticate on mobile phones Published in: Proceedings Security'12 Proceedings of the 21st USENIX conference on Security symposium Pages 15-15 Bellevue, WA — August 08 - 10, 2012