Multifactor Authentication
Description
Authentication is the verification of the identity of a person or process. In a communication system, authentication verifies that messages really come from the stated source, similar to the signature on an official, paper document.
- There are three categories of components an authentication system can depend
on:
- something the user knows (e.g. passwords, PINs)
- something the user has (e.g. tokens, Smart Cards)
- something the user is (e.g. fingerprints, retinal scans)
Multifactor authentication requires more than one of the above categories. Penn State currently uses a combination of Kerberos and SecurID (Smart Card) tokens for multifactor authentication. With the growing number of Web applications, the need for stronger authentication increases to a much larger audience. Hardware tokens can be expensive. Administrative Information Services (AIS), a unit of Information Technology Services (ITS), has been tasked with providing a less expensive alternative for the current hardware token.
Publications
N/A
Resources
Primary ET Contact
Renee Shuey RShuey@psu.edu
Collaborators
Administrative Information Services (AIS), also a unit of ITS.
Expected Deliverable(s)
A recommendation will be developed.
Level of ET Involvement
ET provides medium level involvement, as AIS is leading this initiative.
Initiative Start Date
TBA