A Process for Supporting Risk-Aware Web Authentication Mechanism Choice
Date: September 2007 Publication: Reliability Engineering & System Safety, Volume 92, Issue 9 Page(s): 1204 - 1217 Publisher: Elsevier Source 1: http://www.dcs.gla.ac.uk/~karen/Papers/ress.pdf Source 2: http://dx.doi.org/10.1016/j.ress.2006.08.008 - Subscription or payment required Abstract or Summary:
Web authentication is often treated as a one-size-fits-all problem with ubiquitous use of the password. Indeed, authentication is seldom tailored to the needs of either the site or the target users. This paper does an in-depth analysis of all the vulnerabilities of authentication mechanisms, and proposes a structured and simple process which, if followed, will enable developers to choose a web authentication mechanism so that it matches the needs of their particular site. Do you have additional information to contribute regarding this research paper? If so, please email siteupdates@passwordresearch.com with the details.
<-- Back to Authentication Research Paper Index |