diff --git a/src/ontology/d3fend-protege.ttl b/src/ontology/d3fend-protege.ttl index eed16b6f..aa32b886 100644 --- a/src/ontology/d3fend-protege.ttl +++ b/src/ontology/d3fend-protege.ttl 
@@ -3637,6 +3637,18 @@ Wikipedia. (n.d.). Coefficient of variation. [Link](https://en.wikipedia.org/wik rdfs:isDefinedBy ; :definition "A compute server is a system specifically designed to undertake large amounts of computation, usually but not necessarily in a client/server environment." . +:Conditional_Authentication a owl:Class ; + rdfs:label "Conditional Authentication" ; + rdfs:subClassOf :CredentialHardening ; + :definition "Conditional authentication considers the context in which a specific transaction occurs. A decision is made to either allow or deny an authentication action based on these contextual elements and their compliance with the organization’s policy." ; + :kb-article """## How it Works +When a user or device authenticates, it does so within a specific context - a specific application or browser is used, from a network located in a specific country at a particular time of day, for example. This technique differs however from the UEBA techniques that detect contextual anomalies in the normal pattern of behavior. Rather, conditional authentication is granted based on predefined policies put in place by the organization with the aim to make their attack surface smaller. An organization may decide that authentication requests outside of their home country should be denied, regardless of any other factor. + +## Considerations +* Conditional authentication is a key decision element in Zero Trust Architectures. Since ZTA is a set of principles, vendors tend to implement conditional authentication in different ways with varying levels of maturity and capability. +* Restrictive conditional authentication policies may impede legitimate business requests. 
Before enforcing policies where authentication is denied if the conditional checks fail, policy rules should first be switched on in monitoring mode so that administrators can determine their effectiveness.""" ; + rdfs:seeAlso "https://learn.microsoft.com/en-us/azure/architecture/guide/security/conditional-access-zero-trust" . + :ConferencePaper a owl:Class ; rdfs:label "Conference Paper" ; rdfs:subClassOf :AcademicArticle .
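Review bot: The new class identifier `:Conditional_Authentication` uses an underscore, while the classes visible around it in this hunk (`:CredentialHardening`, `:ConferencePaper`) are plain CamelCase; rename it to `:ConditionalAuthentication` so the IRI follows the same pattern, and keep the `rdfs:label` as is. In the `:kb-article` text, "UEBA" is used without being expanded. Spell it out on first use so the article reads on its own. The `rdfs:seeAlso` value is written as a quoted string literal; if the intent is a resolvable link, an IRI in angle brackets would express that. It is also worth stating in the article why this sits under `:CredentialHardening`, since the definition describes an allow or deny decision on the authentication action based on context rather than a change to the credential itself.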