National Authentication Framework Implementation Study

Abstract

The move towards e-government has seen many institutions put special focus on the need for security, especially that of authentication. Single-factor password-based systems have been proven inadequate in safeguarding online financial and e-government service transactions. Industry adoption of Two-Factor Authentication (2FA) has also been piecemeal. To mitigate these deficiencies, the Singapore Government, in 2008, put forth a Call-for-Collaboration (CFC) seeking industry and academic participation in defining a National Authentication Framework (NAF), with the dual aim of providing for a national-level 2FA system and broadening the market for authentication services, and, in so doing, provide the user with a better authentication experience. This thesis will detail, discuss, and compare the various token types and identity frameworks (PKI, SAML, WS-F, OpenID, and Infocard) that make up an authentication system, and make recommendations on the best combination of technologies, protocols, and standards that, when implemented, would not only fulfill the requirements of the CFC, but also position it well for future enhancement.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Dec 01, 2009
Accession Number
ADA514358

Entities

People

  • Mok Chuan-hao

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Authentication
  • Biometrics
  • Computer Access Control
  • Computers
  • Electronic Mail
  • Governments
  • Identification
  • Information Systems
  • Network Science
  • Operating Systems
  • Reliability
  • Security Protocols
  • Standards
  • Transport Protocols
  • Two-Factor Authentication
  • Verification
  • Wireless Communications

Readers

  • Cybersecurity.
  • East Asian Political and Security Studies within the Soviet Union
  • Strategic Security Studies