Description
Multi-factor authentication (MFA) is becoming a standard feature of Authorization and Authentication Infrastructures (AAIs). Alongside the other security measures, it allows accessing services and datasets securely.
Not only the access to datasets and services needs to follow the security rules. An Identity and Access Management (IAM) system as a place where the access to resources is managed has to implement the same practices. Otherwise, the attacker could exploit the weaker part of the access chain in the identity and access management process instead of overcoming highly secured datasets and services access.
To address the security risks, we have focused on implementing the MFA into the Perun IAM system. The challenge was to create a well-adapted solution that balances security, usability, and accessibility. It led us to implement a step-up authentication process triggered only when users want to manage access to sensitive resources inside the system.
This demonstration will go through the challenges we encountered during the design and implementation and showcase the final solution in the Perun IAM system.
Key Topic | Security, Trust and Identity |
---|