This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
dido:public:s_cli:05_contents:02_prt:identity:01_problem:start [2021/07/29 12:21] nick |
dido:public:s_cli:05_contents:02_prt:identity:01_problem:start [2021/08/17 13:41] (current) murphy |
||
|---|---|---|---|
| Line 23: | Line 23: | ||
| MFA can use other attributes in combination with the other [[dido:public:ra:xapend:xapend.a_glossary:a:authentication|authentication]] factors about any transaction: | MFA can use other attributes in combination with the other [[dido:public:ra:xapend:xapend.a_glossary:a:authentication|authentication]] factors about any transaction: | ||
| - | * **[[dido:public:ra:xapend:xapend.a_glossary:l:location_factor]]** include using the user's current geographic location as determined by Global Positioning System (GPS) or using mobile device radio tower triangulation. Location Factors are generally not used as a sole source of identification but are used in combination with other identifying factors such as Knowledge, Possession, or Inherence. For example, an attempt is made to sign-on to a site using the user's user id and [[dido:public:ra:xapend:xapend.a_glossary:p:password]] but is doing so from a different location. The server rejects the sign-on because it uses the combination of the user/password and location to confirm the identity of the user. | + | * **[[dido:public:ra:xapend:xapend.a_glossary:l:location_factor]]** include using the user's current geographic location as determined by Global Positioning System (GPS) or using mobile device radio tower triangulation. Location Factors are generally not used as a sole source of [[dido:public:ra:xapend:xapend.a_glossary:i:identification|identification]] but are used in combination with other identifying factors such as Knowledge, Possession, or Inherence. For example, an attempt is made to sign-on to a site using the user's user id and [[dido:public:ra:xapend:xapend.a_glossary:p:password]] but is doing so from a different location. The [[dido:public:ra:xapend:xapend.a_glossary:s:server|server]] rejects the sign-on because it uses the combination of the user/password and location to confirm the identity of the user. |
| * **[[dido:public:ra:xapend:xapend.a_glossary:t:time_factor]]** includes using the time of a transaction to help verify the identity of the user. Time, as with Location, is not by itself to determine the identity of a user, but adding it with location is a powerful tool. For example, two transactions are requested about an hour about and in geographic locations that would take more than an hour to travel between the two locations. Also, it is known based on a person's history, they never perform transactions during normal working hours or after 11:00 pm local time. Another use of time is the notification by the user of travel schedule including date, times, and location. Transactions requested outside the schedule are rejected. | * **[[dido:public:ra:xapend:xapend.a_glossary:t:time_factor]]** includes using the time of a transaction to help verify the identity of the user. Time, as with Location, is not by itself to determine the identity of a user, but adding it with location is a powerful tool. For example, two transactions are requested about an hour about and in geographic locations that would take more than an hour to travel between the two locations. Also, it is known based on a person's history, they never perform transactions during normal working hours or after 11:00 pm local time. Another use of time is the notification by the user of travel schedule including date, times, and location. Transactions requested outside the schedule are rejected. | ||