On the design of a multi-factor-authentication-as-a-service service

Multi‐factor authentication solutions are needed, yet are prohibitively expensive and complex for most identity providers in academic federations. Introducing multi‐factor authentication within a federation is really only sensible if registration (enrollment of an authentication token) procedures also warrant a strict higher level of assurance. This talk describes our experiences with designing an NREN operated multi‐factor‐authentication‐as‐a‐service service. Both the technical (architecture, standards) and the procedural (registration, logging, de‐registration) challenges will be discussed.



  • Martijn Oostdijk
  • Roland van Rijswijk‐Deij
  • Eefje van der Harst
  • Maarten Wegdam
  • Bob Hulsebosch

Part of session

Beyond basic authentication

Related documents