Cargando…
Detecting Risky Authentication Using the OpenID Connect Token Exchange Time
With the rise in sophisticated cyber threats, traditional authentication methods are no longer sufficient. Risk-based authentication (RBA) plays a critical role in the context of the zero trust framework—a paradigm shift that assumes no trust within or outside the network. This research introduces a...
| Autores principales: | , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
MDPI
2023
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10575157/ https://www.ncbi.nlm.nih.gov/pubmed/37837086 http://dx.doi.org/10.3390/s23198256 |
| _version_ | 1785120860980379648 |
|---|---|
| author | Han, Alex Heunhe Lee, Dong Hoon |
| author_facet | Han, Alex Heunhe Lee, Dong Hoon |
| author_sort | Han, Alex Heunhe |
| collection | PubMed |
| description | With the rise in sophisticated cyber threats, traditional authentication methods are no longer sufficient. Risk-based authentication (RBA) plays a critical role in the context of the zero trust framework—a paradigm shift that assumes no trust within or outside the network. This research introduces a novel proposal as its core: utilization of the time required by OpenID Connect (OIDC) token exchanges as a new RBA feature. This innovative approach enables the detection of tunneled connections without any intervention from the user’s browser or device. By analyzing the duration of OIDC token exchanges, the system can identify any irregularities that may signify unauthorized access attempts. This approach not only improves upon existing RBA frameworks but is also in alignment with the broader movement toward intelligent and responsive security systems. |
| format | Online Article Text |
| id | pubmed-10575157 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2023 |
| publisher | MDPI |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-105751572023-10-14 Detecting Risky Authentication Using the OpenID Connect Token Exchange Time Han, Alex Heunhe Lee, Dong Hoon Sensors (Basel) Article With the rise in sophisticated cyber threats, traditional authentication methods are no longer sufficient. Risk-based authentication (RBA) plays a critical role in the context of the zero trust framework—a paradigm shift that assumes no trust within or outside the network. This research introduces a novel proposal as its core: utilization of the time required by OpenID Connect (OIDC) token exchanges as a new RBA feature. This innovative approach enables the detection of tunneled connections without any intervention from the user’s browser or device. By analyzing the duration of OIDC token exchanges, the system can identify any irregularities that may signify unauthorized access attempts. This approach not only improves upon existing RBA frameworks but is also in alignment with the broader movement toward intelligent and responsive security systems. MDPI 2023-10-05 /pmc/articles/PMC10575157/ /pubmed/37837086 http://dx.doi.org/10.3390/s23198256 Text en © 2023 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). |
| spellingShingle | Article Han, Alex Heunhe Lee, Dong Hoon Detecting Risky Authentication Using the OpenID Connect Token Exchange Time |
| title | Detecting Risky Authentication Using the OpenID Connect Token Exchange Time |
| title_full | Detecting Risky Authentication Using the OpenID Connect Token Exchange Time |
| title_fullStr | Detecting Risky Authentication Using the OpenID Connect Token Exchange Time |
| title_full_unstemmed | Detecting Risky Authentication Using the OpenID Connect Token Exchange Time |
| title_short | Detecting Risky Authentication Using the OpenID Connect Token Exchange Time |
| title_sort | detecting risky authentication using the openid connect token exchange time |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10575157/ https://www.ncbi.nlm.nih.gov/pubmed/37837086 http://dx.doi.org/10.3390/s23198256 |
| work_keys_str_mv | AT hanalexheunhe detectingriskyauthenticationusingtheopenidconnecttokenexchangetime AT leedonghoon detectingriskyauthenticationusingtheopenidconnecttokenexchangetime |