Tags: Authorization, Multi-Factor Authentication, OAuth 2.0 and Smart-Card Logon
Abstract:
In the evolving landscape of digital security, the integration of robust Multi-Factor Authentication (MFA) methods stands as a critical defense mechanism against unauthorized access, augmenting the traditional username+password approach. In this paper, we present SCAWA, a publicly available implementation for smart-card authentication in the context of web applications. Our proposal is based on the NexU GitHub project implemented by Nowina Solutions, which we adapted to fit our needs. For developer convenience, we integrated our implementation into Keycloak, a popular open-source Identity-Management platform. In the paper we present the solution's architecture, implementation details and achieved results. Using SCAWA, developers can seamlessly integrate smart-card logon into their web applications by implementing only a usual OAuth 2.0 flow. Through this contribution, we aim to lower the entry barrier for implementing sophisticated and secure authentication and authorization methods. The result of our work thereby aims to foster a more secure digital environment and enable a higher adoption rate for secure authentication methods.
SCAWA: Enabling Smart Card Authentication for Web Applications