Securing the Digital World

Context-Based, Next-Generation Authentication: Key Traits and Endurance

Feb 03, 2016 | by RSA |

When analyzing a particular component within a security ecosystem, it is always useful to first take a drone's-eye view of the system. This strategy can be used to map precisely where within the infrastructure the component may be deployed most efficiently. Where is its mission critical? Where can it profitably replace an alternative? Where will it be an inefficient or ineffective solution to the security problem at hand?

Adopting this security macro-perspective is equally essential when considering deploying next-generation authentication in your company's information security system. The chosen user verification method must perform effectively in a near-infinitely networked environment with boundless endpoints and types of interfaces.

After reviewing the context of contemporary validation, it seems new methodologies are ideally suited to today's hyper-complex systems. This statement is not the tautology it may at first appear to be-it wasn't always the case that environments were used to inform verification methods and vice versa. However, IT leaders are now ultimately creating context-based user validation methods whose core traits are driven by their environment.

Context Is King in Next-Generation Security

Next-generation verification is context-based. Given the size and fluidity of today's computing environments and the resulting challenges, this security methodology is optimal. In terms of security aesthetics, the beauty of a context-focused approach is that it also encompasses another next-generation approach to user verification: the risk-based authentication approach.

RSA has previously explained that "to be effective in today's world, our verification methods must be able to understand the context of a login attempt, analyze that context to determine risk, and adapt requirements accordingly." Context can be seen as a foundational development principle of next-generation verification. Earlier generations developing validation methods did not analyze context, and those generations conversely did not employ data from verification methods to inform context.

Core Traits of Next-Generation Authentication

A recent article in CSO Online identifies nine core traits of next-generation authentication:

  1. Password-free
  2. Decentralised
  3. Platform-agnostic
  4. Using superior cryptography
  5. Anonymous
  6. Multifactor
  7. Dynamic
  8. Mobile
  9. Scalable

It is relatively straightforward to discern how the amalgam of these traits within a verification model will enable it to capably perform throughout complex contemporary security ecosystems.

Endurance as an Additional Trait

Next-generation authentication must also be enduring. As discussed in "Enduring User Authentication: You Should Be Reimagining Your Strategies," essential steps need to be taken to ensure the endurance of a verification method. Uncoincidentally, these steps also let a method remain next-generation. For example, the consumerization of identification upon the mass adoption of bring-your-own-device policies leads to multi-dimensional considerations that are essential to reimagining system features and creating endurance: portability, reciprocity, context/content analysis, and effectiveness at a large scale. It is through a continual reimagination process that next-generation verification methods will endure.

By developing a user verification system using context- and risk-based methodologies and building these core traits into the system, organizations will have verification systems that are next generation, enduring, and ultimately effective.