Home page
AARC-G029

AARC-G029 Guidelines on stepping up the authentication component in AAIs implementing the AARC BPA

A number of research community use cases require users to verify their identity by using more than one type of credentials, for instance using password authentication, together with some physical object such as a phone or usb stick that generates tokens/pins, etc. At the same time, there are services that may require an already logged in user to re-authenticate using a stronger authentication mechanism when accessing sensitive resources. Authentication step-up is then needed to improve the original authentication strength of those users. This document provides guidelines on step-up of the authentication component. It covers requirements and implementation recommendations, describes a proposed authentication step-up model, and outlines related work and documentation.

Document URLhttps://aarc-project.eu/wp-content/uploads/2018/05/AARC-G029_Guidelines-on-Step-Up-Authentication.pdf
Development informationAARC Project Wiki
Status: Final (30 Mar 2018)
DOIhttps://doi.org/10.5281/zenodo.1251671
Errata: none
Supersedes: none

aarc-contacts@lists.geant.org

Linkedin Twitter Youtube

© members of the AARC Community. 
The work leading to these results has received funding from the European Union (GAP 101131237) and other sources. The contents of this publication is the sole responsibility of AARC and does not necessarily reflect the opinion of the European Union.