GKLogo-4C copy

James Michael Stewart, au travers de GlobalKnowledge, vient de mettre à disposition un Livre Blanc sur l’authentification multi-étape et pourquoi devrions-nous l’utiliser (Multi-step Authentication and Why You Should Use It).

Ce document de quelques pages détaille succinctement les divers mécanismes actuels pour renforcer une phase d’authentification. Il dénombre notamment:

  • L’authentification par certificat
  • Le Single Sign-On OAuth
  • L’authentification multi-facteurs
  • L’authentification multi-étapes

Authentication is one of the essential components of security. It is one part of the concept known as authentication, authorization, and accounting (AAA). Authentication is the process of claiming an identity then proving that you are that claimed identity. Authorization is the mechanism to control what you can access or do. Accounting is the recording of events into a log to review the activities against the rules and policies in order to detect violations or confirm compliance. All three of these should be addressed when constructing a system in order to have a reasonable foundation for reliable security.

Ce Livre Blanc est disponible en ligne depuis le 8 novembre 2013 à l’adresse suivante.

Sources & ressources :

Yann

Consultant Sécurité