Download
1 / 6
60 likes | 173 Views
In our ongoing work, we aim to analyze various authentication schemes, akin to our previous efforts in authorization. We will explore different models, focusing on crucial factors such as communication paths, the establishment of shared secrets, the need for time synchronization, and the mechanism of mutual authentication. Additionally, we will discuss the types of pre-established data involved, including root information, biometrics, and shared secrets, while considering potential impersonation risks. Our goal is to align these findings with established authorization models.
E N D
AAA-ArchAuthentication Schemes Stephen Farrell stephen.farrell@baltimore.ie John Vollbrecht jrv@interlinknetworks.com Joe Salowey joes@wrq.com Standish Stewart sstewart@interlinknetworks.com
What we’re doing • Starting work... • Similar to what we did with authorization • Analyse authentication schemes • no invention though! • Figure out some models • Match those with the authorization models
Factors • Communications paths (topology) • Establishes shared secrets or not • Requires time synchronisation or not • Mutual authentication or not • Type of pre-established data (root info, biometrics, shared-secrets) • Allows impersonation or not
User -> Auth. Server AS User Application
App. -> Auth. Server AS User Application
Triangle? AS User Application
