Degree Type

Creative Component

Semester of Graduation

Fall 2019

Department

Electrical and Computer Engineering

First Major Professor

Doug Jacobson

Degree(s)

Master of Science (MS)

Major(s)

Information Assurance

Abstract

Multi-factor authentication has been shown to be an effective method to reduce the risk of remote attacks, because it prevents many attackers from easily gaining an initial foothold into an organization. Many sites only support single factor authentication based on passwords which have well known weaknesses. This paper describes MFAProxy, a reverse proxy that adds multi-factor authentication to sites that currently do not support it. The proxy can be deployed in a variety of configurations within a network to meet specific security goals. It supports flexible combinations of several factors including passwords, one-time passwords, and tokens based on public-key cryptography. Each of these factors offer a unique balance of security and usability that must be considered when an organization deploys multi- factor authentication.

Copyright Owner

Schmitz, Alan

File Format

PDF

Share

COinS