RBA Configuration by Administrators

Global

Supervision: Philipp Markert

Start date: as soon as possible

Duration: 6 Monate

More details:

Description

Risk-based authentication is used to increase the security of user accounts by checking additional information besides the authentication secret, e.g., the location from where the attempt was initiated, when it was initiated, or device that was used. This information is compared to previously collected information to calculate a risk score and decide how to proceed with the authentication attempt. It is possible to permit or block the request or to include an additional check. The risk scores as well as the wording is crucial in order to make sure that users understand the process and act accordingly. Therefor, it is important that the administrators who implement the described mechanisms do so properly.

The task of this master thesis is to provide a first insight into how administrators would configure risk-based authentication. This will be done by developing a study that mimics the setup and configuration of risk-based authentication and prototyping it.

Requirements

  • Profound programming skills
  • (Advanced in web development)