One or two sentence definition in the style of other d3fend techniques.
Conditional authentication considers the context in which a specific transaction occurs. A decision is made to either allow or deny an authentication action based on these contextual elements and their compliance with the organisation's policy.
How it works
Section explaining how the technique works.
When a user or device authenticates, it does so within a specific context - a specific application or browser is used, from a network located in a specific country at a particular time of day, for example. This technique differs, however, from the UEBA techniques that detect contextual anomalies in the normal pattern of behaviour. Rather, conditional authentication is granted based on predefined policies put in place by the organisation with the aim of making their attack surface smaller. An organisation may decide that authentication requests outside of their home country should be denied, regardless of any other factor.
Considerations
What should people know about this technique, pros/cons, pitfalls etc.
Conditional authentication is a key decision element in Zero Trust Architectures. Since ZTA is a set of principles, vendors tend to implement conditional authentication in different ways with varying levels of maturity and capability.
Restrictive conditional authentication policies may impede legitimate business requests. Before enforcing policies where authentication is denied if the conditional checks fail, policy rules should first be switched on in monitoring mode so that administrators can determine their effectiveness.
References
High quality publicly available technical documents.
Note: all sections are required.
Credential Hardening > Conditional Authentication
OR
Credential Hardening > Contextual Authentication
Credential Hardening > Conditional Access
Digital Artifacts
d3f:Credential
d3f:UserBehavior
d3f:HardwareDevice
d3f:PhysicalLocation
d3f:UserInterface
References
https://en.wikipedia.org/wiki/Conditional_access
https://learn.microsoft.com/en-us/azure/architecture/guide/security/conditional-access-zero-trust
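The policy decision described under "How it works" and the monitoring-mode advice under "Considerations", as an added example that is not part of the original issue or of D3FEND. The rule names, home country `NL`, application names, hours and sample requests are all assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import time
from typing import Callable

@dataclass(frozen=True)
class AuthContext:
    user: str
    country: str        # ISO 3166-1 alpha-2 code derived from the source network
    application: str
    local_time: time

@dataclass(frozen=True)
class Rule:
    name: str
    mode: str           # "monitor" only records a failure; anything else denies
    check: Callable[[AuthContext], bool]   # True means the context complies

# Constructed policy: home country, app names and hours are assumptions.
RULES = [
    Rule("home-country-only", "enforce", lambda c: c.country == "NL"),
    Rule("approved-application", "enforce",
         lambda c: c.application in {"corp-browser", "vpn-client"}),
    Rule("business-hours", "monitor",
         lambda c: time(7, 0) <= c.local_time <= time(19, 0)),
]

def evaluate(ctx, rules=RULES):
    """Return (decision, enforced_failures, monitored_failures)."""
    enforced, monitored = [], []
    for rule in rules:
        if not rule.check(ctx):
            # Unknown modes fail closed: only an explicit "monitor" is log-only.
            (monitored if rule.mode == "monitor" else enforced).append(rule.name)
    return ("deny" if enforced else "allow"), enforced, monitored

def monitor_impact(contexts, rules=RULES):
    """Count requests each monitor-mode rule would deny if it were enforced."""
    return {r.name: sum(not r.check(c) for c in contexts)
            for r in rules if r.mode == "monitor"}

# Constructed sample authentication requests.
SAMPLE = [
    AuthContext("alice", "NL", "corp-browser", time(9, 30)),
    AuthContext("bob", "NL", "corp-browser", time(22, 15)),
    AuthContext("carol", "BR", "corp-browser", time(10, 0)),
    AuthContext("dave", "NL", "legacy-imap", time(23, 0)),
]

if __name__ == "__main__":
    for ctx in SAMPLE:
        print(ctx.user, *evaluate(ctx))
    print("monitor-mode impact:", monitor_impact(SAMPLE))
```

The `monitor_impact` count is what an administrator would review before switching a rule from `monitor` to `enforce`.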