This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Knowledge Based Authentication Performance Metrics Project"
(→Openhub) |
(→Main) |
||
| Line 48: | Line 48: | ||
==== Monday December 8, 2014 at 11:00 AM US Eastern Time ==== | ==== Monday December 8, 2014 at 11:00 AM US Eastern Time ==== | ||
Our Meetings are Open and All are Welcome to Attend | Our Meetings are Open and All are Welcome to Attend | ||
| + | |||
| + | ==== AGENDA ==== | ||
| + | |||
| + | *Convene and Introductions | ||
| + | |||
| + | *Draft Project Policies Updates | ||
| + | *Discuss and Document Tools/Ways (Procedures) of our Project's Community Updates | ||
| + | *Information Management Updates | ||
| + | |||
| + | *Discussions: Next Steps on Research | ||
| + | *** IDESG KBAPM Project Questions | ||
| + | *** Update from Luis on Research | ||
| + | |||
| + | <!-- ** Keep the context in mind, future, near future and current practices --> | ||
| + | <!-- *** static kba, dynamic kba | ||
| + | *** personal personas, pseudonyms, what are the laws around kba? public facing persona, inward facing identity, get a lawyer to create and protect persona, look at gaps and missing, NIST KBA Brian Lawler | ||
| + | ** Who is the "user" we are researching for? User Experience, Business Experience | ||
| + | ** Ethical, technical, business consideration, risk evaluation, identity uses issues, relationship to authentication, --> | ||
| + | ** What laws in US govern? IFROS European Court of Justice Privacy, Asia, | ||
| + | *Update on Application to Conference in Amsterdam | ||
| + | *Take aways: Tasks | ||
| + | ** | ||
| + | *Schedule next meeting | ||
| + | *Adjourn | ||
==== WHERE ==== | ==== WHERE ==== | ||
| Line 64: | Line 88: | ||
<br> | <br> | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
<!-- == Previous Meeting(s)== | <!-- == Previous Meeting(s)== | ||
Revision as of 16:36, 3 December 2014
|
The KBAPM ProjectThere is a lack of standard performance metrics regarding the use of knowledge based authentication (KBA) for remote identity proofing. KBAPMP's goal is to establish standard performance metrics for knowledge based authentication.
What is Knowledge Based Authentication?Knowledge-based authentication, commonly referred to as KBA, is a method of authentication which seeks to prove the identity of someone accessing a service, such as a website. As the name suggests, KBA requires the knowledge of personal information of the individual to grant access to the protected material. There are two types of KBA: "static KBA", which is based on a pre-agreed set of "shared secrets"; and "dynamic KBA", which is based on questions generated from a wider base of personal information. LicensingCreative Commons Attribution ShareAlike 3.0 License
|
Project LeadersProject ManagerJoin our Mailing ListOur Next MeetingMonday December 8, 2014 at 11:00 AM US Eastern TimeOur Meetings are Open and All are Welcome to Attend AGENDA
WHEREGoToMeeting https://www3.gotomeeting.com/join/642177878 Access Code: 642-177-878 2. Use your microphone and speakers (VoIP) - a headset is recommended. Or, call in using your telephone.
Dial +1 (571) 317-3112
Audio PIN: Shown after joining the meeting
Meeting ID: 642-177-878
GoToMeeting®
Online Meetings Made Easy®
Not at your computer? Click the link to join this meeting from your iPhone®, iPad® or Android® device via the GoToMeeting app
Related ProjectsOpenhubwww.openhub.net/ Open Hub is an open source directory that anyone can edit. It features comprehensive metrics and analysis on thousands of open source projects. Quick DownloadNews and EventsIn PrintClassifications
| |||||
How can I participate in your project?
All you have to do is make the Project Leader's aware of your available time to contribute to the project. It is also important to let the Leader's know how you would like to contribute and pitch in to help the project meet it's goals and milestones. There are many different ways you can contribute to an OWASP Project, but communication with the leads is key.
If I am not a programmer can I participate in your project?
Yes, you can certainly participate in the project if you are not a programmer or technical. The project needs different skills and expertise and different times during its development. Currently, we are looking for researchers, writers, graphic designers, and a project administrator.
Contributors
OWASP KBAPMP - Knowledge Based Authentication Performance Metrics Project
Goals - To meet the requirements of the IDESG KBA Solicitation:
Road Map:
- Survey and research the Global OWASP Community and other networks to identify and recruit appropriate participation.
- Develop Opinion polls, foundations' research, interviews, perspectives on project, input from communities outside of the networks.
- Survey and research other standards groups and their interests.
- Phase I footprinting
- Phase II Development
- Phase III Implementation, Lessons Learned, Continuous refinement, Ongoing participation model, etc.
- Research Licensing models
