{"title":"身份保护系数(IPF)","authors":"Arshad Noor","doi":"10.1145/1373290.1373293","DOIUrl":null,"url":null,"abstract":"Since the dawn of computing, operating systems and applications have used many schemes to identify and authenticate entities accessing resources within computers. While the technologies and schemes have varied, there appears to have been little attempt to classify them based on their ability to resist attacks from unauthorized entities.\n With the proliferation of identity management technologies in the market today, it is becoming increasingly difficult to assess and compare them with each other. As the threat level continues to rise on the internet, and regulations governing information technology continue to grow, risk managers need more objective mechanisms to assign risk to their systems so they may apply appropriate mitigating controls.\n This paper attempts to describe a classification scheme that will permit the comparison of seemingly different identification and authentication (I&A) technologies on the basis of their vulnerability to attacks. With a better understanding of related authentication technologies, companies can determine the appropriate technology to use for mitigating authentication risks.","PeriodicalId":269454,"journal":{"name":"Symposium on Identity and Trust on the Internet","volume":"101 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-03-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"Identity protection factor (IPF)\",\"authors\":\"Arshad Noor\",\"doi\":\"10.1145/1373290.1373293\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Since the dawn of computing, operating systems and applications have used many schemes to identify and authenticate entities accessing resources within computers. While the technologies and schemes have varied, there appears to have been little attempt to classify them based on their ability to resist attacks from unauthorized entities.\\n With the proliferation of identity management technologies in the market today, it is becoming increasingly difficult to assess and compare them with each other. As the threat level continues to rise on the internet, and regulations governing information technology continue to grow, risk managers need more objective mechanisms to assign risk to their systems so they may apply appropriate mitigating controls.\\n This paper attempts to describe a classification scheme that will permit the comparison of seemingly different identification and authentication (I&A) technologies on the basis of their vulnerability to attacks. With a better understanding of related authentication technologies, companies can determine the appropriate technology to use for mitigating authentication risks.\",\"PeriodicalId\":269454,\"journal\":{\"name\":\"Symposium on Identity and Trust on the Internet\",\"volume\":\"101 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-03-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Symposium on Identity and Trust on the Internet\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/1373290.1373293\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Symposium on Identity and Trust on the Internet","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1373290.1373293","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Since the dawn of computing, operating systems and applications have used many schemes to identify and authenticate entities accessing resources within computers. While the technologies and schemes have varied, there appears to have been little attempt to classify them based on their ability to resist attacks from unauthorized entities.
With the proliferation of identity management technologies in the market today, it is becoming increasingly difficult to assess and compare them with each other. As the threat level continues to rise on the internet, and regulations governing information technology continue to grow, risk managers need more objective mechanisms to assign risk to their systems so they may apply appropriate mitigating controls.
This paper attempts to describe a classification scheme that will permit the comparison of seemingly different identification and authentication (I&A) technologies on the basis of their vulnerability to attacks. With a better understanding of related authentication technologies, companies can determine the appropriate technology to use for mitigating authentication risks.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
