Secure and Usable Enterprise Authentication: Lessons from the Field

Mary Theofanos; Simson Garfinkel; Yee-Yin Choong

首页> 外文期刊>IEEE security & privacy >Secure and Usable Enterprise Authentication: Lessons from the Field

【24h】

Secure and Usable Enterprise Authentication: Lessons from the Field

机译：安全和可用的企业身份验证：现场经验教训

获取原文

获取原文并翻译 | 示例

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

More than 5.4 million Personal Identity Verification (PIV) and Common Access Cards (CAC) have been deployed to US government employees and contractors. These cards allow physical access to federal facilities, but their use to authenticate logical access to government information systems is uneven, with deployment rates across agencies ranging from 0 to 95 percent. Surveys of US Departments of Defense and Commerce employees show that using these smart cards for two-factor authentication results in improved usability and security. The authors argue that public-key infrastructure-based systems are likely to provide more secure and more usable authentication than other two-factor approaches, including combining strong passwords with a physical token such as a cell phone or time-based hardware identity device.

机译：已经为美国政府雇员和承包商部署了540万个以上的个人身份验证（PIV）和通用访问卡（CAC）。这些卡允许物理访问联邦机构，但是它们用于验证对政府信息系统的逻辑访问的使用并不平衡，整个机构的部署率在0％到95％之间。对美国国防部和商务部员工的调查显示，将这些智能卡用于两因素身份验证可提高可用性和安全性。作者认为，基于公钥基础结构的系统可能比其他两因素方法（包括将强密码与物理令牌（例如手机或基于时间的硬件标识设备）结合在一起）提供的安全性和可用性更高。

著录项

来源
《IEEE security & privacy》 |2016年第5期|14-21|共8页
作者
Mary Theofanos; Simson Garfinkel; Yee-Yin Choong;
展开▼
作者单位

National Institute of Standards and Technology;

National Institute of Standards and Technology;

National Institute of Standards and Technology;

展开▼
收录信息
原文格式 PDF
正文语种 eng
中图分类
关键词
Computer security; Verification; Identification; Access control; US Department of Defense;

机译：计算机安全;验证;标识;访问控制;美国国防部;

相似文献

外文文献
中文文献
专利

1. Comparing Password Management Software: Toward Usable and Secure Enterprise Authentication [J] . Patricia Arias-Cabarcos, Andrés Marín, Diego Palacios, IT professional . 2016,第5期

机译：比较密码管理软件：走向可用和安全的企业身份验证
2. ChoCD: Usable and Secure Graphical Password Authentication Scheme [J] . Radhi Rafiee Afandi, Mohd Zalisham Jali Indian Journal of Science and Technology . 2017,第4期

机译：ChoCD：可用和安全的图形密码认证方案
3. Design of a Secure Authentication and Key Agreement Scheme Preserving User Privacy Usable in Telecare Medicine Information Systems [J] . Arshad Hamed, Rasoolzadegan Abbas Journal of medical systems . 2016,第11期

机译：保护可在远程护理医学信息系统中使用的用户隐私的安全认证和密钥协商方案的设计
4. Usability Testing for Rapid Fielding with Small Ns:Lessons Learned During an Army Operational Field Experiment [C] . Pamela A. Savage-Knepshield Annual Meeting of the Human Factors and Ergonomics Society(HFES 2007); 20071001-05; Baltimore,MA(US) . 2007

机译：小型Ns快速部署的可用性测试：在陆军作战野外实验中获得的经验教训
5. Memorable, Secure, and Usable Authentication Secrets [D] . Woo, Simon S. 2017

机译：难忘，安全且可用的身份验证机密
6. Secure and Usable User-in-a-Context Continuous Authentication in Smartphones Leveraging Non-Assisted Sensors [O] . Jose Maria de Fuentes, Lorena Gonzalez-Manzano, Arturo Ribagorda 2018

机译：利用非辅助传感器的智能手机中的安全可用上下文连续认证
7. Comparing Password Management Software: Toward Usable and Secure Enterprise Authentication [O] . Arias Cabarcos Patricia, Marín López Andrés, Palacios Diego, 2016

机译：比较密码管理软件：迈向可用和安全的企业身份验证

Secure and Usable Enterprise Authentication: Lessons from the Field

摘要

著录项

相似文献

相关主题

期刊订阅