Abstract | ||
---|---|---|
Web applications for consumers often require authenticated users in order to offer their services. In this context, consumers expect authentication to be easy to use and their resources to be secured properly. But, authentication in web applications is often vulnerable, e.g., passwords can be stolen, fingerprints can be imitated or the authentication protocol implementation may have a security flaw. Several best practices solving this problem evolved in several web applications. We analyzed such solutions that continuously and transparently collect data on the user to learn their typical behavior and detect anomalies. Based on this analysis, we describe the security pattern risk-based authenticator and exemplify its application in the SmartCampus, a service-oriented web application. |
Year | DOI | Venue |
---|---|---|
2016 | 10.1145/3011784.3011800 | EuroPLoP |
Field | DocType | Citations |
Web development,World Wide Web,Authentication,Computer science,Computer security,Authentication protocol,Web application security,Security pattern,Web application,Web service,WS-Policy | Conference | 0 |
PageRank | References | Authors |
0.34 | 3 | 4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Roland H. Steinegger | 1 | 0 | 0.34 |
Daniel Deckers | 2 | 0 | 0.34 |
Pascal Giessler | 3 | 0 | 0.34 |
Sebastian Abeck | 4 | 170 | 30.71 |