Got Ya! -- Sensors for Identity Management Specific Security Situational Awareness
By: Daniela Pöhn, Heiner Lüken
Potential Business Impact:
Spots fake logins to protect computer accounts.
Security situational awareness refers to identifying, mitigating, and preventing digital cyber threats by gathering information to understand the current situation. With awareness, the basis for decisions is present, particularly in complex situations. However, while logging can track the successful login into a system, it typically cannot determine if the login was performed by the user assigned to the account. An account takeover, for example, by a successful phishing attack, can be used as an entry into an organization's network. All identities within an organization are managed in an identity management system. Thereby, these systems are an interesting goal for malicious actors. Even within identity management systems, it is difficult to differentiate legitimate from malicious actions. We propose a security situational awareness approach specifically to identity management. We focus on protocol-specifics and identity-related sources in a general concept before providing the example of the protocol OAuth with a proof-of-concept implementation.
Similar Papers
Mind the Gap: Revealing Security Barriers through Situational Awareness of Small and Medium Business Key Decision-Makers
Cryptography and Security
Helps small businesses protect themselves online.
Situational Awareness as the Imperative Capability for Disaster Resilience in the Era of Complex Hazards and Artificial Intelligence
Computers and Society
Helps disaster teams see and fix problems faster.
Saliency-Based Attention Shifting: A Framework for Improving Driver Situational Awareness of Out-of-Label Hazards
Robotics
Keeps drivers focused for safer self-driving.