Scroll back

ALAP Extensions

This project extended the ALAP architecture to become more lightweight and more flexible.
Two factor authentication is important for strong authentication systems. Available technologies and state of the art authentication factors develop fast.
Therefore it is important to react on such changes. ALAP provides an architecture for generic multi factor authentication. This eases the integration of different authentication factors.
ALAP consists of multiple server applications and an authenticator application. 

In this project ALAP was extended to become more lightweight and more flexible. The architecture was changed to support a wider range of applicaitons. Therefore the austrian specific Security-Layer interface was removed from ALAP directly. A demo implementation of a citizen card was implemented as service provider application, that only uses ALAP to perform the authentication. The main advantages and changes of the new architecture are:
  • All communications between distributed components are now implemented using OpenID Connect. 
  • The user interface was redesigned with focus on usable security and a recently conducted study of the ALAP system.
  • Person specific data was removed from ALAP to make a first step towards public cloud deployment of the ALAP system.
  • The OpenID Connect Discovery and OpenID Connect Dynamic Registration specifcations were implemented to easy the deployment and integration of service providers and authentication factors.
Scroll forward