Aktuelle Zitatinformationen meiner Publikationen (bereitgestellt durch Google Scholar). Falls Sie sich nur für die wenigen Publikationen auf Deutsch interessieren, finden Sie diese hier im kompakten Ãœberblick und die Liste der gewährten Patente.
2018
Marcel Waldvogel; Thomas Zink
Einfache Zwei-Faktor-Authentisierung Journal Article
In: Digma, vol. 2018, no. 3, 2018, ISSN: 2270000414598.
Abstract | BibTeX | Tags: Passwords, Security, Two-Factor Authentication, Usability | Links:
@article{Waldvogel2018Einfache-2FA,
title = {Einfache Zwei-Faktor-Authentisierung},
author = {Marcel Waldvogel and Thomas Zink},
url = {https://netfuture.ch/wp-content/uploads/2018/09/einfache-zwei-faktor-authentisierung.pdf},
issn = {2270000414598},
year = {2018},
date = {2018-09-30},
urldate = {1000-01-01},
journal = {Digma},
volume = {2018},
number = {3},
abstract = {Der Trend zu Kundennähe und architektonischen Offenheit in Firmen und Behörden führt zu zusätzlichen Herausforderungen bei Datenschutz und -sicherheit. Viel zu häufig fehlen Know-How, Quellcode oder Ressourcen, um die betroffenen Anwendungen an die neuen Sicherheitsanforderungen anzupassen. Wir zeigen auf, wie gerade in diesen Fällen eine Zwei-Faktor-Authentisierung mittels X.509-Zertifikaten eine schnell umsetzbare, einfache, komfortable und trotzdem starke und erweiterbare Sicherheitskomponente sein kann, z.T. ohne Eingriff in die Anwendung.},
keywords = {Passwords, Security, Two-Factor Authentication, Usability},
pubstate = {published},
tppubtype = {article}
}
Der Trend zu Kundennähe und architektonischen Offenheit in Firmen und Behörden führt zu zusätzlichen Herausforderungen bei Datenschutz und -sicherheit. Viel zu häufig fehlen Know-How, Quellcode oder Ressourcen, um die betroffenen Anwendungen an die neuen Sicherheitsanforderungen anzupassen. Wir zeigen auf, wie gerade in diesen Fällen eine Zwei-Faktor-Authentisierung mittels X.509-Zertifikaten eine schnell umsetzbare, einfache, komfortable und trotzdem starke und erweiterbare Sicherheitskomponente sein kann, z.T. ohne Eingriff in die Anwendung.
2017
Thomas Zink; Marcel Waldvogel
X.509 User Certificate-based Two-Factor Authentication for Web Applications Technical Report
Distributed Systems Laboratory, University of Konstanz no. KN-2017-DISY-03, 2017.
Abstract | BibTeX | Tags: Certificates, Identity Management, Security, Two-Factor Authentication, Usability, Web Applications, X509 | Links:
@techreport{Zink2017X509,
title = {X.509 User Certificate-based Two-Factor Authentication for Web Applications},
author = {Thomas Zink and Marcel Waldvogel},
url = {https://netfuture.ch/wp-content/uploads/2017/03/kn-2017-disy-03.pdf},
year = {2017},
date = {2017-03-14},
urldate = {1000-01-01},
number = {KN-2017-DISY-03},
institution = {Distributed Systems Laboratory, University of Konstanz},
abstract = {An appealing property to researchers, educators, and students is the openness
of the physical environment and IT infrastructure of their organizations. How-
ever, to the IT administration, this creates challenges way beyond those of a
single-purpose business or administration. Especially the personally identifiable
information or the power of the critical functions behind these logins, such as
financial transactions or manipulating user accounts, require extra protection in
the heterogeneous educational environment with single-sign-on. However, most
web-based environments still lack a reasonable second-factor protection or at
least the enforcement of it for privileged operations without hindering normal
usage.
In this paper we introduce a novel and surprisingly simple yet extremely flex-
ible way to implement two-factor authentication based on X.509 user certificates
in web applications. Our solution requires only a few lines of code in web server
configuration and none in the application source code for basic protection. Fur-
thermore, since it is based on X.509 certificates, it can be easily combined with
smartcards or USB cryptotokens to further enhance security.},
keywords = {Certificates, Identity Management, Security, Two-Factor Authentication, Usability, Web Applications, X509},
pubstate = {published},
tppubtype = {techreport}
}
An appealing property to researchers, educators, and students is the openness
of the physical environment and IT infrastructure of their organizations. How-
ever, to the IT administration, this creates challenges way beyond those of a
single-purpose business or administration. Especially the personally identifiable
information or the power of the critical functions behind these logins, such as
financial transactions or manipulating user accounts, require extra protection in
the heterogeneous educational environment with single-sign-on. However, most
web-based environments still lack a reasonable second-factor protection or at
least the enforcement of it for privileged operations without hindering normal
usage.
In this paper we introduce a novel and surprisingly simple yet extremely flex-
ible way to implement two-factor authentication based on X.509 user certificates
in web applications. Our solution requires only a few lines of code in web server
configuration and none in the application source code for basic protection. Fur-
thermore, since it is based on X.509 certificates, it can be easily combined with
smartcards or USB cryptotokens to further enhance security.
of the physical environment and IT infrastructure of their organizations. How-
ever, to the IT administration, this creates challenges way beyond those of a
single-purpose business or administration. Especially the personally identifiable
information or the power of the critical functions behind these logins, such as
financial transactions or manipulating user accounts, require extra protection in
the heterogeneous educational environment with single-sign-on. However, most
web-based environments still lack a reasonable second-factor protection or at
least the enforcement of it for privileged operations without hindering normal
usage.
In this paper we introduce a novel and surprisingly simple yet extremely flex-
ible way to implement two-factor authentication based on X.509 user certificates
in web applications. Our solution requires only a few lines of code in web server
configuration and none in the application source code for basic protection. Fur-
thermore, since it is based on X.509 certificates, it can be easily combined with
smartcards or USB cryptotokens to further enhance security.
Weitere Informationen über mich finden Sie auf https://marcel-waldvogel.ch