Standard

PASSWORDLESS AUTHENTICATION USING MAGIC LINK TECHNOLOGY. / Matiushin, Iurii; Korkhov, Vladimir.

In: CEUR Workshop Proceedings, Vol. 3041, 01.12.2021, p. 434-438.

Research output: Contribution to journalConference articlepeer-review

Harvard

Matiushin, I & Korkhov, V 2021, 'PASSWORDLESS AUTHENTICATION USING MAGIC LINK TECHNOLOGY', CEUR Workshop Proceedings, vol. 3041, pp. 434-438.

APA

Vancouver

Matiushin I, Korkhov V. PASSWORDLESS AUTHENTICATION USING MAGIC LINK TECHNOLOGY. CEUR Workshop Proceedings. 2021 Dec 1;3041:434-438.

Author

Matiushin, Iurii ; Korkhov, Vladimir. / PASSWORDLESS AUTHENTICATION USING MAGIC LINK TECHNOLOGY. In: CEUR Workshop Proceedings. 2021 ; Vol. 3041. pp. 434-438.

BibTeX

@article{1d4eccedf1db41fda71006ca6e0dfa82,
title = "PASSWORDLESS AUTHENTICATION USING MAGIC LINK TECHNOLOGY",
abstract = "Nowadays, the problem of identification and authentication on the Internet is more urgent than ever. There are several reasons for this: on the one hand, there are many Internet services that keep records of users and differentiate their access rights to certain resources; on the other hand, cybercriminals' attacks on web services have become much more frequent lately. At the same time, in many cases, the weak point of systems exposed to attacks is precisely the authentication system. Authentication methods based on the knowledge factor (e. g. password protection) are the most common and are applied almost everywhere. Their advantages are ease and low cost of implementation. On the other hand, such systems are often vulnerable to various kinds of attacks. It is estimated that up to 80% of successful hacker attacks (including attacks on the largest services with millions of users) succeeded precisely because of the weakness of the password protection system. This paper presents a solution to the problem of passwordless authentication, which can be applied in a number of online services and systems. In particular, we consider the magic link technology and present an authentication system implemented using Keycloak, an open-source software product that implements single sign-on technology. In the future, it is possible to further improve the system, in particular, using adaptive authentication, which allows switching between different authentication mechanisms depending on certain factors.",
keywords = "Authentication, Magic link technology, Passwordless",
author = "Iurii Matiushin and Vladimir Korkhov",
note = "Publisher Copyright: {\textcopyright} 2021 CEUR-WS. All rights reserved.; 9th International Conference {"}Distributed Computing and Grid Technologies in Science and Education{"}, GRID 2021 ; Conference date: 05-07-2021 Through 09-07-2021",
year = "2021",
month = dec,
day = "1",
language = "English",
volume = "3041",
pages = "434--438",
journal = "CEUR Workshop Proceedings",
issn = "1613-0073",
publisher = "RWTH Aahen University",
url = "https://indico.jinr.ru/event/1086/overview",

}

RIS

TY - JOUR

T1 - PASSWORDLESS AUTHENTICATION USING MAGIC LINK TECHNOLOGY

AU - Matiushin, Iurii

AU - Korkhov, Vladimir

N1 - Conference code: 9

PY - 2021/12/1

Y1 - 2021/12/1

N2 - Nowadays, the problem of identification and authentication on the Internet is more urgent than ever. There are several reasons for this: on the one hand, there are many Internet services that keep records of users and differentiate their access rights to certain resources; on the other hand, cybercriminals' attacks on web services have become much more frequent lately. At the same time, in many cases, the weak point of systems exposed to attacks is precisely the authentication system. Authentication methods based on the knowledge factor (e. g. password protection) are the most common and are applied almost everywhere. Their advantages are ease and low cost of implementation. On the other hand, such systems are often vulnerable to various kinds of attacks. It is estimated that up to 80% of successful hacker attacks (including attacks on the largest services with millions of users) succeeded precisely because of the weakness of the password protection system. This paper presents a solution to the problem of passwordless authentication, which can be applied in a number of online services and systems. In particular, we consider the magic link technology and present an authentication system implemented using Keycloak, an open-source software product that implements single sign-on technology. In the future, it is possible to further improve the system, in particular, using adaptive authentication, which allows switching between different authentication mechanisms depending on certain factors.

AB - Nowadays, the problem of identification and authentication on the Internet is more urgent than ever. There are several reasons for this: on the one hand, there are many Internet services that keep records of users and differentiate their access rights to certain resources; on the other hand, cybercriminals' attacks on web services have become much more frequent lately. At the same time, in many cases, the weak point of systems exposed to attacks is precisely the authentication system. Authentication methods based on the knowledge factor (e. g. password protection) are the most common and are applied almost everywhere. Their advantages are ease and low cost of implementation. On the other hand, such systems are often vulnerable to various kinds of attacks. It is estimated that up to 80% of successful hacker attacks (including attacks on the largest services with millions of users) succeeded precisely because of the weakness of the password protection system. This paper presents a solution to the problem of passwordless authentication, which can be applied in a number of online services and systems. In particular, we consider the magic link technology and present an authentication system implemented using Keycloak, an open-source software product that implements single sign-on technology. In the future, it is possible to further improve the system, in particular, using adaptive authentication, which allows switching between different authentication mechanisms depending on certain factors.

KW - Authentication

KW - Magic link technology

KW - Passwordless

UR - http://www.scopus.com/inward/record.url?scp=85121595819&partnerID=8YFLogxK

M3 - Conference article

AN - SCOPUS:85121595819

VL - 3041

SP - 434

EP - 438

JO - CEUR Workshop Proceedings

JF - CEUR Workshop Proceedings

SN - 1613-0073

T2 - 9th International Conference "Distributed Computing and Grid Technologies in Science and Education", GRID 2021

Y2 - 5 July 2021 through 9 July 2021

ER -

ID: 91158906