A Multi-Layered Approach to Securing Enterprise Applications by Using TLS, Two-Factor Authentication and Single Sign-On
| Title | A Multi-Layered Approach to Securing Enterprise Applications by Using TLS, Two-Factor Authentication and Single Sign-On |
| Publication Type | Conference Paper |
| Year of Publication | 2018 |
| Authors | Bekmezci, A. B., Eri\c s, Ç, Bölük, P. S. |
| Conference Name | 2018 26th Signal Processing and Communications Applications Conference (SIU) |
| Publisher | IEEE |
| ISBN Number | 978-1-5386-1501-0 |
| Keywords | application data, authentication, authentication application, Computer crime, Dogs, enterprise applications, Human Behavior, human factors, information and communication technology, information protection, Information Security concept, Internet, Internet attackers, IP networks, mobile computing, Mobile Internet applications, multilayered approach, MultiLayered Framework, One-Time Password (OTP), one-time passwords, OTP mechanism, password, pubcrawl, security, security of data, security requirements, Security Token, single sign-on authentication, single sign-on capability, Two factor Authentication, two-factor authentication |
| Abstract | With the recent advances in information and communication technology, Web and Mobile Internet applications have become a part of our daily lives. These developments have also emerged Information Security concept due to the necessity of protecting information of institutions from Internet attackers. There are many security approaches to provide information security in Enterprise applications. However, using only one of these approaches may not be efficient enough to obtain security. This paper describes a Multi-Layered Framework of implementing two-factor and single sign-on authentication together. The proposed framework generates unique one-time passwords (OTP), which are used to authenticate application data. Nevertheless, using only OTP mechanism does not meet security requirements. Therefore, implementing a separate authentication application which has single sign-on capability is necessary. |
| URL | https://ieeexplore.ieee.org/document/8404773 |
| DOI | 10.1109/SIU.2018.8404773 |
| Citation Key | bekmezci_multi-layered_2018 |
- Mobile Internet applications
- two-factor authentication
- two factor authentication
- single sign-on capability
- single sign-on authentication
- Security Token
- security requirements
- security of data
- security
- pubcrawl
- password
- OTP mechanism
- one-time passwords
- One-Time Password (OTP)
- MultiLayered Framework
- multilayered approach
- application data
- mobile computing
- IP networks
- Internet attackers
- internet
- Information Security concept
- information protection
- information and communication technology
- Human Factors
- Human behavior
- enterprise applications
- Dogs
- Computer crime
- authentication application
- authentication