The goal of the project is a novel protection for these special computer systems, which works by means of a centrally administered identity and authorization management with a so-called two-factor authentication.
This refers to the identification of the user on the basis of two independent components - so-called factors. While typically the first factor consists of a user identifier and a password, the second factor represents a biometric feature such as a fingerprint or possession of a particular hardware component (such as a smart card). If at least one factor is false or missing, access is denied.
In the industrial environment, even simple authentication at the central monitoring and control devices is not widespread. A backup by means of several factors is common only for particularly critical remote accesses. The project examines the integration of modern authentication methods with a focus on ease of use, universal usability and low administrative overhead.