Tag Archives: Identity

Feedback on the Paper on Privacy Postures of Authentication Technologies

Many thanks to everyone who provided feedback on the paper on privacy postures of authentication technologies which was announced in the previous blog post. The paper was discussed on the Identity Commons mailing list and we also received feedback …


Comparing the Privacy Features of Eighteen Authentication Technologies

This blog post motivates and elaborates on the paper Privacy Postures of Authentication Technologies, which we presented at the recent ID360 conference. There is a great variety of user authentication technologies, and some of them are very different from each …


Two Methods of Cryptographic Single Sign-On on Mobile Devices

This is the sixth and last post of a series discussing the paper A Comprehensive Approach to Cryptographic and Biometric Authentication from a Mobile Perspective. To conclude this series I am going to discuss briefly two methods of single sign-on …


Using Cryptographic Authentication without a Cryptographic API on iOS and Android Devices

This is the fifth of a series of posts discussing the paper A Comprehensive Approach to Cryptographic and Biometric Authentication from a Mobile Perspective. Everybody agrees that passwords provide very poor security for user authentication, being vulnerable to capture by …


Strong Authentication with a Low-Entropy Biometric Key

This is the fourth of a series of posts discussing the paper A Comprehensive Approach to Cryptographic and Biometric Authentication from a Mobile Perspective. Biometrics are a strong form of authentication when there is assurance of liveness, i.e. assurance that …


Defense in Depth of Cryptographic Credentials on a Mobile Device

This is the third of a series of posts discussing the paper A Comprehensive Approach to Cryptographic and Biometric Authentication from a Mobile Perspective. Credentials based on public key cryptography provide much stronger security than ordinary passwords or one-time passwords. …


Closed-Loop vs. Open-Loop Authentication

This is the second of a series of posts discussing the paper A Comprehensive Approach to Cryptographic and Biometric Authentication from a Mobile Perspective. In this post I want to take the time to explain and emphasize the distinction made …


New Research on Mobile Authentication

This is the first of a series of posts discussing the paper A Comprehensive Approach to Cryptographic and Biometric Authentication from a Mobile Perspective. In the next few posts I will be reporting on research that we have been doing …


Report on the NIST Cryptographic Key Management Workshop

This is a belated report on the Cryptographic Key Management Workshop that was held by NIST on September 10-11. Karen Lewison and I went to Washington DC for the workshop, where we presented a talk on techniques for addressing the …


Techniques for Implementing Derived Credentials on Mobile Devices

Update. We made a presentation on this topic at the Cryptographic Key Management Workshop that was held on September 10-11 at NIST. We live in the Age of Mobile, and US Federal agencies, like all enterprises, want their employees to …
