Cargando…
A Unified approach towards Multi-factor Authentication(MFA)
<!--HTML-->With more applications and services deployed in BNL SDCC that rely on authentication services, adoption of Multi-factor Authentication (MFA) became inevitable. While web applications can be protected by Keycloak (a open source Single sign-on solution directed by Red Hat) with its MF...
| Autor principal: | |
|---|---|
| Lenguaje: | eng |
| Publicado: |
2021
|
| Materias: | |
| Acceso en línea: | http://cds.cern.ch/record/2767529 |
| _version_ | 1780971310062501888 |
|---|---|
| author | Zaran, Masood |
| author_facet | Zaran, Masood |
| author_sort | Zaran, Masood |
| collection | CERN |
| description | <!--HTML-->With more applications and services deployed in BNL SDCC that rely on authentication services, adoption of Multi-factor Authentication (MFA) became inevitable. While web applications can be protected by Keycloak (a open source Single sign-on solution directed by Red Hat) with its MFA feature, other service components within the facility rely on FreeIPA (an open source identity management software directed by Red Hat) for MFA authentication. While this satisfies cyber security requirements, it creates a situation where users need to manage multiple tokens and differentiation of them depends upon what they access. Not only this is a major irritation for users, it also adds a burden for staff members who manage user tokens. To tackle the challenges, a solution needs to be found to provide a unified way for token management. In the paper, we elaborate a solution that was explored and implemented at the SDCC, and also plan to extend it's capabilities and flexibility's for future application integration's. |
| id | cern-2767529 |
| institution | Organización Europea para la Investigación Nuclear |
| language | eng |
| publishDate | 2021 |
| record_format | invenio |
| spelling | cern-27675292022-11-02T22:25:26Zhttp://cds.cern.ch/record/2767529engZaran, MasoodA Unified approach towards Multi-factor Authentication(MFA)25th International Conference on Computing in High Energy & Nuclear PhysicsConferences<!--HTML-->With more applications and services deployed in BNL SDCC that rely on authentication services, adoption of Multi-factor Authentication (MFA) became inevitable. While web applications can be protected by Keycloak (a open source Single sign-on solution directed by Red Hat) with its MFA feature, other service components within the facility rely on FreeIPA (an open source identity management software directed by Red Hat) for MFA authentication. While this satisfies cyber security requirements, it creates a situation where users need to manage multiple tokens and differentiation of them depends upon what they access. Not only this is a major irritation for users, it also adds a burden for staff members who manage user tokens. To tackle the challenges, a solution needs to be found to provide a unified way for token management. In the paper, we elaborate a solution that was explored and implemented at the SDCC, and also plan to extend it's capabilities and flexibility's for future application integration's.oai:cds.cern.ch:27675292021 |
| spellingShingle | Conferences Zaran, Masood A Unified approach towards Multi-factor Authentication(MFA) |
| title | A Unified approach towards Multi-factor Authentication(MFA) |
| title_full | A Unified approach towards Multi-factor Authentication(MFA) |
| title_fullStr | A Unified approach towards Multi-factor Authentication(MFA) |
| title_full_unstemmed | A Unified approach towards Multi-factor Authentication(MFA) |
| title_short | A Unified approach towards Multi-factor Authentication(MFA) |
| title_sort | unified approach towards multi-factor authentication(mfa) |
| topic | Conferences |
| url | http://cds.cern.ch/record/2767529 |
| work_keys_str_mv | AT zaranmasood aunifiedapproachtowardsmultifactorauthenticationmfa AT zaranmasood 25thinternationalconferenceoncomputinginhighenergynuclearphysics AT zaranmasood unifiedapproachtowardsmultifactorauthenticationmfa |