Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

200: conditional authentication #275

Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

200: conditional authentication #275

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 12 additions & 0 deletions src/ontology/d3fend-protege.ttl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3637,6 +3637,18 @@ Wikipedia. (n.d.). Coefficient of variation. [Link](https://en.wikipedia.org/wik
rdfs:isDefinedBy <https://www.encyclopedia.com/computing/dictionaries-thesauruses-pictures-and-press-releases/compute-server> ;
:definition "A compute server is a system specifically designed to undertake large amounts of computation, usually but not necessarily in a client/server environment." .

:Conditional_Authentication a owl:Class ;
rdfs:label "Conditional Authentication" ;
rdfs:subClassOf :CredentialHardening ;
:definition "Conditional authentication considers the context in which a specific transaction occurs. A decision is made to either allow or deny an authentication action based on these contextual elements and their compliance with the organization’s policy." ;
:kb-article """## How it Works
When a user or device authenticates, it does so within a specific context - a specific application or browser is used, from a network located in a specific country at a particular time of day, for example. This technique differs however from the UEBA techniques that detect contextual anomalies in the normal pattern of behavior. Rather, conditional authentication is granted based on predefined policies put in place by the organization with the aim to make their attack surface smaller. An organization may decide that authentication requests outside of their home country should be denied, regardless of any other factor.

## Considerations
* Conditional authentication is a key decision element in Zero Trust Architectures. Since ZTA is a set of principles, vendors tend to implement conditional authentication in different ways with varying levels of maturity and capability.
* Restrictive conditional authentication policies may impede legitimate business requests. Before enforcing policies where authentication is denied if the conditional checks fail, policy rules should first be switched on in monitoring mode so that administrators can determine their effectiveness.""" ;
rdfs:seeAlso "https://learn.microsoft.com/en-us/azure/architecture/guide/security/conditional-access-zero-trust" .

:ConferencePaper a owl:Class ;
rdfs:label "Conference Paper" ;
rdfs:subClassOf :AcademicArticle .
Expand Down