4-eyes principal

Hi there,

we are about to implement a new idea for a 4-eyes or more principal.

In this case, two ore more tokens are combined to be used to
authenticate as an account.

You could use this, to restrict access to certain systems like
root-access on machines to only if two administrators are there at once.
There can be different ways to do this.

Please check out the issue on github


and add your comments, ideas and wishes - if this is a feature that is
interesting for you.

Thanks a lot and kind regards
Cornelius–
Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

…implemented version 1 :slight_smile:


http://privacyidea.readthedocs.org/en/latest/configuration/tokens/4eyes.html

In fact you can have two tokens from realm A, two from realm B and on
from realm C.
Or whatever you want…

Regards
CorneliusAm Freitag, den 28.08.2015, 12:24 +0200 schrieb Cornelius Kölbel:

Hi there,

we are about to implement a new idea for a 4-eyes or more principal.

In this case, two ore more tokens are combined to be used to
authenticate as an account.

You could use this, to restrict access to certain systems like
root-access on machines to only if two administrators are there at once.
There can be different ways to do this.

Please check out the issue on github
https://github.com/privacyidea/privacyidea/issues/167
and add your comments, ideas and wishes - if this is a feature that is
interesting for you.

Thanks a lot and kind regards
Cornelius


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)