Hi All,
Since the introduction of multi-user computer systems, user authentication has primarily relied on the use of usernames and passwords. To strengthen the authentication process, Multi-Factor Authentication (MFA) requires the user to present multiple elements in different categories, or "factors", as part of an authentication attempt. These factors are something you have, something you know, and something you are. Similarly, Single Sign-On (SSO) provides a risk mitigation capability by centralizing the management and control of authentication and access across multiple systems and from multiple identity providers. Implemented properly, it can raise the authentication assurance level required for initial sign on and can control and secure the authentication and authorization information passed between systems.
Following on the work the Enduring Security Framework (ESF) published on identity and access management (IAM) best practices for administrators, targeted for administrators to make the best use of existing solutions, a working panel staffed by subject matter experts from both government and industry was tasked with assessing developer and vendor challenges relating to IAM. The working panel specifically identified the adoption and secure employment of MFA and SSO technologies as a key developer and vendor challenge that has been difficult to meet with the technology that is currently available.
------------------------------
Michael Roza CPA, CISA, CIA, CC, MBA, Exec MBA, CSA Research Fe
------------------------------