A process for supporting risk-aware web authentication mechanism choice
نویسنده
چکیده
Web authentication is often treated as a one-size-fits-all problem with ubiquitous use of the password. Indeed, authentication is seldom tailored to the needs of either the site or the target users. This paper does an in-depth analysis of all the vulnerabilities of authentication mechanisms, and proposes a structured and simple process which, if followed, will enable developers to choose a web authentication mechanism so that it matches the needs of their particular site.
منابع مشابه
A semantic-aware role-based access control model for pervasive computing environments
Access control in open and dynamic Pervasive Computing Environments (PCEs) is a very complex mechanism and encompasses various new requirements. In fact, in such environments, context information should be used in access control decision process; however, it is not applicable to gather all context information completely and accurately all the time. Thus, a suitable access control model for PCEs...
متن کاملSecuring Web Services with XML aware Digital Signatures
The evolution of web services has facilitated the integration of business processes scattered across different geographical locations of the world. Along with the benefits that web services provide for high value online transactions, it also poses some security threats. A new standard of XML aware digital signatures, recommended by W3C, provides authentication, data integrity, and support for n...
متن کاملTowards Supporting Exploratory Search over the Arabic Web Content: The Case of ArabXplore
Due to the huge amount of data published on the Web, the Web search process has become more difficult, and it is sometimes hard to get the expected results, especially when the users are less certain about their information needs. Several efforts have been proposed to support exploratory search on the web by using query expansion, faceted search, or supplementary information extracted from exte...
متن کاملDenial of Service Protection for Optimized and QoS-aware Handover Based on Localized Cookies
Quality of Service (QoS) mechanisms in networks supporting mobile Internet communications give rise to new threats: these mechanisms could be abused by malicious entities launching so-called Denial of Service (DoS) attacks. If the network can not efficiently check the credibility of a QoS-request during a handover process, malicious entities could flood the network with bogus QoSrequests; if th...
متن کاملPerformance analysis of a Denial of Service protection scheme for optimized and QoS-aware handover
Quality of Service (QoS) mechanisms in networks supporting mobile Internet communications give rise to Denial of Service (DoS) threats: if the network cannot efficiently check the credibility of a QoS request during a handover process, malicious entities could flood the network with bogus QoS requests; if the authentication check is performed by means of an AAA protocol before the access networ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Rel. Eng. & Sys. Safety
دوره 92 شماره
صفحات -
تاریخ انتشار 2007