ID Number: G00203193



User Authentication
29 June 2006
 
Mark Diodati  

As organizations work to secure their resources, architects must establish a strategy for authentication. In this revision, Analyst Mark Diodati addresses primary and supplemental authentication mechanisms. In addition, he makes recommendations about how best to authenticate users based on identity assurance level, user constituency, services required (e.g., public key infrastructure [PKI] or facilities access), and tolerance for authenticator and workstation software.





*
Unavailable for individual purchase
For information on how to gain access to this and other documents,
click here.








Document History


Browse Topics


Other Options







Contact Gartner




For information on how to gain access to this and other documents, click here.
 You or your organization may already own this document. Register now to find out. Your Gartner Membership Administrator can supply the needed License Key(s).
You will not lose your document during registration.
Sign in here:
Username:

Password:
Forgot your username
or password?







This document is not available as part of your current Gartner subscription. For pricing and availability of the full document, please contact your Gartner account representative. Your account representative can also give you more information about your current subscription and other access options that may be available to you. If you do not have a Gartner account representative, call +1 203 316 1200 for assistance.

Table of Contents

Contents
  • Decision Point
  • Typical Requirements
    • Identity Assurance
      • Identity Proofing
      • Identity Assurance Drivers
      • Authentication Factors
    • Cost Management
    • Elevated Authentication
    • User Constituencies
      • Employees and Contractors
      • Partners and Consumers
  • Alternatives
    • Passwords
    • OTPs
      • Cryptographic Hardware Tokens
      • Cryptographic Software Tokens
      • Grid Cards
      • Message-Based OTP
      • Digital Signing OTPs
    • Smart Cards
    • Smart Card/OTP Hybrid
    • Certificate Store
    • Mobile PKI Software
    • Mobile PKI Software and OTP
    • Biometrics
      • Fingerprint
      • Voice
      • Behavioral
    • KBA
    • Supplemental Authentication Methods
      • Out-of-Band Identity Proofing
      • Risk Analytics
      • Device Identification
      • Anti-Phishing Services
      • Digital Watermarks
      • Typing Biometrics
  • Future Developments
    • Maturation of Phishing Attacks
    • Stronger Authentication of Consumers
    • Increased Deployment of Smart Card Technologies
    • “Frankensteining” of Authenticators
    • Supplemental Authentication Methods in the Enterprise
  • Evaluation Criteria
  • Statement & Basis for Position
    • Very-High Identity Assurance Position
      • Use an ISO 7816 form factor smart card with biometric.
    • High Identity Assurance (Employee/Contractor) Position
      • Use an ISO 7816 form factor smart card with a PIN.
      • Use a hybrid USB smart card/OTP device.
      • Use a USB form factor smart card with a PIN.
      • Use a cryptographic OTP device.
    • High Identity Assurance (Partner/Consumer) Position
      • Use a cryptographic OTP device.
      • Use mobile PKI software with a cryptographic OTP device.
    • Medium Identity Assurance Level Position
      • Use fingerprint biometrics.
      • Use mobile PKI software with password.
      • Use grid cards.
      • Use passwords with supplemental authentication methods.
    • Low Identity Assurance Level Position
      • Use a password.
  • Relationship to Other Components
  • Revision History
Figures
Figure 1.
VeriSign OTP Device
Figure 2.
IdentityGuard Card and Login Dialogue
Figure 3.
VASCO Digipass Pro 260 for Digital Signing
Figure 4.
Smart Card/OTP Hybrid
Figure 5.
Fingerprint Biometric Reader
Figure 6.
OTP Embedded in ISO 7816 Form Factor—Smart Card Chip Not Shown
Figure 7.
Prototype Smart Card with Biometric Reader


Document History:
 
Authentication
24 February 2011
  
User Authentication
29 June 2006
  




Browse Topics:
 
Identity and Access Management
Identity Authentication




© 2006 Burton Group. All rights reserved.




Resource Id: 1405006