TY - GEN
T1 - Auth-SL - A system for the specification and enforcement of quality-based authentication policies
AU - Squicciarini, Anna C.
AU - Bhargav-Spantzel, Abhilasha
AU - Bertino, Elisa
AU - Czeksis, Alexei B.
N1 - Copyright:
Copyright 2020 Elsevier B.V., All rights reserved.
PY - 2007
Y1 - 2007
N2 - This paper develops a language and a reference architecture supporting the management and enforcement of authentication policies. Such language directly supports multi-factor authentication and the high level specification of authentication factors, in terms of conditions against the features of the various authentication mechanisms and modules. In addition the language supports a rich set of constraints; by using these constraints, one can specify for example that a subject must be authenticated by two credentials issued by different authorities. The paper presents a logical definition of the language and its corresponding XML encoding. It also reports an implementation of the proposed authentication system in the context of the FreeBSD Unix operating system (OS). Critical issues in the implementation are discussed and performance results are reported. These results show that the implementation is very efficient.
AB - This paper develops a language and a reference architecture supporting the management and enforcement of authentication policies. Such language directly supports multi-factor authentication and the high level specification of authentication factors, in terms of conditions against the features of the various authentication mechanisms and modules. In addition the language supports a rich set of constraints; by using these constraints, one can specify for example that a subject must be authenticated by two credentials issued by different authorities. The paper presents a logical definition of the language and its corresponding XML encoding. It also reports an implementation of the proposed authentication system in the context of the FreeBSD Unix operating system (OS). Critical issues in the implementation are discussed and performance results are reported. These results show that the implementation is very efficient.
UR - http://www.scopus.com/inward/record.url?scp=38149112732&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=38149112732&partnerID=8YFLogxK
U2 - 10.1007/978-3-540-77048-0_30
DO - 10.1007/978-3-540-77048-0_30
M3 - Conference contribution
AN - SCOPUS:38149112732
SN - 9783540770473
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 386
EP - 397
BT - Information and Communications Security - 9th International Conference, ICICS 2007, Proceedings
PB - Springer Verlag
T2 - 9th International Conference on Information and Communications Security, ICICS 2007
Y2 - 12 December 2007 through 15 December 2007
ER -