• DocumentCode
    1757745
  • Title

    Authentication at Scale

  • Author

    Grosse, E. ; Upadhyay, M.

  • Volume
    11
  • Issue
    1
  • fYear
    2013
  • fDate
    Jan.-Feb. 2013
  • Firstpage
    15
  • Lastpage
    22
  • Abstract
    Like many in the industry, the authors believe passwords and simple bearer tokens, such as cookies, are no longer sufficient to keep users safe. Google employs a base level of sophisticated server-side technologies, such as SSL and risk analysis, to protect users with plain old passwords; however, it´s also investing in client-side technologies, such as strong authentication with two-step verification using one-time passwords and public-key-based technology, for stronger user and device identification. It´s championing various approaches to access delegation, both in its applications and with third parties, so that end user credentials aren´t passed around insecurely.
  • Keywords
    authorisation; public key cryptography; Google; client-side technologies; device identification; end user credentials; one-time passwords; plain old passwords; public-key-based technology; simple bearer tokens; sophisticated server-side technologies; two-step verification; user identification; Access control; Authentication; Computer security; Electronic mail; Passwords; Privacy; Servers; OAuth; authentication; delegation; passwords; second factor;
  • fLanguage
    English
  • Journal_Title
    Security & Privacy, IEEE
  • Publisher
    ieee
  • ISSN
    1540-7993
  • Type

    jour

  • DOI
    10.1109/MSP.2012.162
  • Filename
    6381399
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1757745