Levels of Authentication Assurance: an Investigation

Manchester, United Kingdom August 29-August 31

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/IAS.2007.88

2007 The Third International Symposiu ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Aleksandra Nenadic Articles by Ning Zhang Articles by Li Yao Articles by Terry Morrow

	ASCII Text	x
	Aleksandra Nenadic, Ning Zhang, Li Yao, Terry Morrow, "Levels of Authentication Assurance: an Investigation," Information Assurance and Security, International Symposium on, pp. 155-160, 2007 The Third International Symposium on Information Assurance and Security, 2007.

	BibTex	x
	@article{ 10.1109/IAS.2007.88, author = {Aleksandra Nenadic and Ning Zhang and Li Yao and Terry Morrow}, title = {Levels of Authentication Assurance: an Investigation}, journal ={Information Assurance and Security, International Symposium on}, volume = {0}, year = {2007}, isbn = {0-7695-2876-7}, pages = {155-160}, doi = {http://doi.ieeecomputersociety.org/10.1109/IAS.2007.88}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Information Assurance and Security, International Symposium on TI - Levels of Authentication Assurance: an Investigation SN - 0-7695-2876-7 SP155 EP160 A1 - Aleksandra Nenadic, A1 - Ning Zhang, A1 - Li Yao, A1 - Terry Morrow, PY - 2007 KW - null VL - 0 JA - Information Assurance and Security, International Symposium on ER -

Aleksandra Nenadic, University of Manchester, UK

Ning Zhang, University of Manchester, UK

Li Yao, University of Manchester, UK

Terry Morrow, University of Manchester, UK

The ES-LoA project, funded by the UK Joint Information Systems Committee (JISC) under its e- Infrastructure Security Programme, investigates current and future needs among UK research and education community for a more fine-grained authorisation scheme that would allow service providers to take into account of the levels of confidence in identifying a remote entity requesting for service access. Such a fine-grained authorisation scheme is attractive to service providers offering resources with varying levels of sensitivity and/or wishing to tailor their security protections based upon risk levels. Service providers may wish to restrict access to more sensitive resources only to those who have gone through a more stringent authentication process, or given the same remote entity, require the use of a stronger authentication token should the access request come from a more risky environment. In this way, the quality of an authentication instance, expressed as an authentication Level of Assurance (LoA), becomes one of the parameters used in access control decision making. This paper investigates the current worldwide efforts in defining LoA and identifies gaps in existing definitions when they are applied to a federated environment.

Citation:

Aleksandra Nenadic, Ning Zhang, Li Yao, Terry Morrow, "Levels of Authentication Assurance: an Investigation," ias, pp.155-160, 2007 The Third International Symposium on Information Assurance and Security, 2007

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.