An Integrated Two-Factor Authentication Solution Using Pulse Connect Secure and Apache HTTP Server
- Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)
Complex system requirements can often lead to a situation wherein no single product or platform can provide a solution. In these cases, a solution integrating the features of multiple products and platforms is needed. Recently, a program sponsor required discontinued use of a third-party Security Assertion Markup Language Identity Provider that was being used to implement a two-factor authentication (2FA) solution that fully integrated with Pulse Connect Secure (PCS). PCS alone could not provide the features necessary to meet all the requirements of a new 2FA solution. The challenge was to leverage the features of additional platforms to design an integrated solution to meet all requirements. This paper presents a solution that integrates the features of PCS, Apache HyperText Transfer Protocol Server, and a custom application that meets all requirements, including a requirement to defend against Uniform Resource Locator manipulation as means to gain unauthorized access to backend applications.
- Research Organization:
- Oak Ridge National Laboratory (ORNL), Oak Ridge, TN (United States)
- Sponsoring Organization:
- USDOE
- DOE Contract Number:
- AC05-00OR22725
- OSTI ID:
- 1649375
- Report Number(s):
- ORNL/TM-2020/1324
- Country of Publication:
- United States
- Language:
- English
Similar Records
Authentication techniques for smart cards
Provably Secure Password-based Authentication in TLS