Unterschiede
Hier werden die Unterschiede zwischen zwei Versionen angezeigt.
Beide Seiten der vorigen Revision Vorhergehende Überarbeitung | |||
de:aai:refeds_authn_profiles_idp [2022/02/08 17:13] – Wolfgang Pempe | de:aai:refeds_authn_profiles_idp [2022/02/08 17:18] (aktuell) – Wolfgang Pempe | ||
---|---|---|---|
Zeile 23: | Zeile 23: | ||
Falls die MFA-Prozesse und -Policies den Anforderungen des REFEDS Multi-Factor Authentication Profiles genügen: | Falls die MFA-Prozesse und -Policies den Anforderungen des REFEDS Multi-Factor Authentication Profiles genügen: | ||
- | * The authentication of the user’s current session used a combination of at least two of the four distinct types of factors defined in ITU-T X.1254: Entity authentication assurance framework, section 3.1.3, authentication factor (something you know, something you have, something you are, something you do) [4]. | + | * The authentication of the user’s current session used a combination of at least two of the four distinct types of factors defined in ITU-T X.1254: Entity authentication assurance framework, section 3.1.3, authentication factor (something you know, something you have, something you are, something you do). |
* The factors used are independent, | * The factors used are independent, | ||
* The combination of the factors mitigates single-factor only risks related to non-real-time attacks such as phishing, offline cracking, online guessing and theft of a (single) factor. | * The combination of the factors mitigates single-factor only risks related to non-real-time attacks such as phishing, offline cracking, online guessing and theft of a (single) factor. |