Abstract
OK, so the talk that I’ve got today is entitled “Can We Fix the Security Economics of Federated Authentication?” and some of this is stuff that I did while I was at Google in January and February. I’m on sabbatical this year and so I’m visiting various places, and doing various things that I don’t normally do.
Let’s go back 25 years. When I was a youngster working in industry the sort of problem that you got if you were working with a bank was this. People joined and had to be indoctrinated into four or five systems and get four or five different passwords. You might find that your branch banking system ran under MVS, so you needed a RACF password; your general ledger ran under DB2, so you needed a DB2 password – and that was a different lady in a different building – and if you became the branch’s foreign exchange deputy clerk then you needed a SWIFT password, which was yet another administrative function in yet another building. And of course this played havoc with usability: post-it notes with passwords are a natural reaction to having to remember six of them. And if you tell your staff to change passwords every month, of course they’ll just rotate them.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Anderson, R. (2011). Can We Fix the Security Economics of Federated Authentication? (Transcript of Discussion). In: Christianson, B., Crispo, B., Malcolm, J., Stajano, F. (eds) Security Protocols XIX. Security Protocols 2011. Lecture Notes in Computer Science, vol 7114. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25867-1_5
Download citation
DOI: https://doi.org/10.1007/978-3-642-25867-1_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-25866-4
Online ISBN: 978-3-642-25867-1
eBook Packages: Computer ScienceComputer Science (R0)