Maarten Wegdam's Blog

A blog on digital identity, mobile, context, innovation, privacy, trust, security and more

Home
Scientific publications
About

Step-up authentication as-a-Service

2013/01/07

IDentity-as-a-Service (IDaaS) was a hot topic in 2012 (e.g., this blog post of Dave Kearns), and probably will continue to be so in 2013. In a project for and with SURFnet (Dutch NREN) Novay designed a IDaaS-like service to make existing identities more trustworthy: Step-up authentication as-a-Service. (No idea more to abbreviate this: SuaaaS?) The Step-up authentication as-a-Service we designed addresses this need by making it possible to increase the trustworthyness (put differently: increase the level of assurance) of identities in an existing identity federation. The service addresses both the technology and the process/registration side: a second factor authentication and an additional face-2-face check who this digital identity (and second factor) actually belongs to.

From a user perspective, the service has a self-service interface to register a second factor (see mockup below), an interface for the identity providers for user management (see second mock-up below) and of course every time a step-up authentication is needed the user is re-directed to the Step-up authentication as-a-Service to authenticate with this second factor.

Read the rest of this entry »

Leave a Comment » | Uncategorized | Tagged: authentication, cloud, identity, identity federation, Levels of Assurance, security | Permalink
Posted by Maarten Wegdam

Tooling and methologies for privacy & security in the cloud

2012/08/12

We recently finished a project on privacy& security in the cloud for SURFnet (Dutch NREN, responsible for the Dutch research network and middleware services on top of this). Basically, we supplemented work of others that focussed on the contractual and legal perspective with a more technology perspective. We listed what an organisation can do themselves to improve privacy & security when taking applications to the cloud, focussing on authentication, autorisation, provisioning/account management and encryption. Below a more eloborate blog post in Dutch.

Zelf zorgen voor security en privacy in de cloud

Read the rest of this entry »

2 Comments | Uncategorized | Tagged: authentication, authorization, cloud, identity federation, security | Permalink
Posted by Maarten Wegdam

RSS - Posts
Email Subscription

Enter email address to follow this blog by email.
Search
Twitter (partly Dutch)
- MinBZK overweegt "centraal gereguleerde prijsstelling” voor private eID middelen (lees: Idensys), ipv aan markt overlaten. #kamerbrief 4 days ago
- MinBZK in kamerbrief over eID: prioriteit bij publieke middelen substantieel en hoog. Dus DigiD ipv Idensys en iDIN tweedekamer.nl/downloads/docu… 4 days ago
- MinBZK in kamerbrief over eID: prioriteit bij publieke middelen substantieel en hoog. Dus DigiD ipv Idensys en iDIN tweedekamer.nl/downloads/docu… 4 days ago
Follow @maartenwegdam
Blogroll
Me
age verification authentication authorization award biometrics business model cloud consent context DigiD e-health eID Idensys identity identity federation identity theft InfoCard Levels of Assurance mobile mobile-centric identity OpenID phishing privacy SAML security trust framework user centric identity
Archives
Archives

Blog at WordPress.com.