Appendix A Abbreviations and Acronyms
| Abbreviation | Meaning |
|---|---|
| AD | Active Directory |
| API | Application Programming Interface |
| APNS | Apple Push Notification System |
| App ID | Application Identification |
| AppAuth | Application Authentication System |
| AS | Authorization Server |
| ASM | Authenticator-Specific Module |
| BCP | Best Current Practice |
| BIND | Berkeley Internet Name Domain |
| BLE | Bluetooth Low Energy |
| CA | Certificate Authority |
| CPSSP | Central Public Safety Service Provider |
| CPU | Central Processing Unit |
| CRADA | Cooperative Research and Development Agreement |
| CSR | Certificate Signing Request |
| DN | Distinguished Name |
| DNS | Domain Name System |
| FIDO | Fast Identity Online |
| FQDN | Fully Qualified Domain Name |
| GB | Gigabyte |
| GCM | Google Cloud Messenger |
| GHz | Gigahertz |
| HSM | Hardware Security Module |
| HTML | Hypertext Markup Language |
| HTTP | Hypertext Transfer Protocol |
| HTTPS | Hypertext Transfer Protocol Secure |
| ID | Identification |
| IdP | Identity Provider |
| IETF | Internet Engineering Task Force |
| iOS | iPhone Operating System |
| IP | Internet Protocol |
| IT | Information Technology |
| JCE | Java Cryptography Extension |
| JDK | Java Development Kit |
| JSON | JavaScript Object Notation |
| JWE | JSON Web Encryption |
| JWT | JSON Web Token |
| LDAP | Lightweight Directory Access Protocol |
| LGPL | Lesser General Public License |
| LPSD | Local Public Safety Department |
| MDM | Mobile Device Management |
| MFA | Multifactor Authentication |
| MSSO | Mobile Single Sign-On |
| NAT | Network Address Translation |
| NCCoE | National Cybersecurity Center of Excellence |
| NFC | Near Field Communication |
| NIST | National Institute of Standards and Technology |
| NNAS | Nok Nok Authentication Server |
| NTP | Network Time Protocol |
| OIDC | OpenID Connect |
| OOB | Out-of-Band |
| OS | Operating System |
| PIN | Personal Identification Number |
| PKCE | Proof Key for Code Exchange |
| PSFR | Public Safety and First Responder |
| PSX | Public Safety Experience |
| PTT | Push to Talk |
| QR | Quick Response |
| RAM | Random Access Memory |
| RFC | Request for Comments |
| RP | Relying Party |
| RPM | Red Hat Package Manager |
| SaaS | Software as a Service |
| SAML | Security Assertion Markup Language |
| SDK | Software Development Kit |
| SKCE | StrongKey CryptoEngine |
| SLO | Single Log-Out |
| SP | Service Provider, Special Publication |
| SPSD | State Public Safety Department |
| SQL | Structured Query Language |
| SSH | Secure Shell |
| SSO | Single Sign-On |
| TCP | Transmission Control Protocol |
| TLS | Transport Layer Security |
| U2F | Universal Second Factor |
| UAF | Universal Authentication Framework |
| URI | Uniform Resource Identifier |
| URL | Uniform Resource Locator |
| USB | Universal Serial Bus |
| VLAN | Virtual Local Area Network |
| VPN | Virtual Private Network |
| W3C | World Wide Web Consortium |
| WAR | Web Archive |
Appendix B References
- C1
W. Denniss and J. Bradley, “OAuth 2.0 for Native Apps,” BCP 212, RFC 8252, DOI 10.17487/RFC8252, October 2017. Available: https://www.rfc-editor.org/info/rfc8252.
- C2
FIDO Alliance, “FIDO Specifications Overview: UAF & U2F,” 20 May 2016. Available: https://www.slideshare.net/FIDOAlliance/fido-specifications-overview-uaf-u2f.
- C3
Google, “Chrome custom tabs smooth the transition between apps and the web,” Android Developers Blog, 2 September 2015. Available: https://android-developers.googleblog.com/2015/09/chrome-custom-tabs-smooth-transition.html.
- C4
Google, “Chrome Custom Tabs,” 6 May 2016. Available: https://developer.chrome.com/multidevice/android/customtabs.
- C5
Apple, “SFSafariViewController,” 2019. Available: https://developer.apple.com/documentation/safariservices/sfsafariviewcontroller.
- C6
D. Waite, “Single Sign-on and iOS 11,” Ping Identity, 8 August 2017. Available: https://www.pingidentity.com/en/company/blog/2017/08/08/single_sign-on_and_ios_11.html.
- C7
Apple, “ASWebAuthenticationSession,” 2019. Available: https://developer.apple.com/documentation/authenticationservices/aswebauthenticationsession.
- C8
OpenID Foundation, “openid/AppAuth-iOS,” GitHub, 2019. Available: https://github.com/openid/AppAuth-iOS.
- C9
Google, “Google Chrome: Fast & Secure,” Google Play, 2018. Available: https://play.google.com/store/apps/details?id=com.android.chrome.
- C10
Google, “FIDO2 API for Android,” 24 February 2020. Available: https://developers.google.com/identity/fido/android/native-apps.
- C11
Google, “Google Authenticator,” Google Play. Available: https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2.
- C12
J. Chong, “iPhone Support for YubiKey OTP via NFC,” Yubico, 25 October 2017. Available: https://www.yubico.com/blog/iphone-support-yubikey-otp-via-nfc/.
- C13
J. Chong, “Yubico Extends Mobile SDK for iOS to Lightning,” Yubico, 30 August 2018. Available: https://www.yubico.com/blog/yubico-extends-mobile-sdk-for-ios-to-lightning/.
- C14
J. Davis, “Release Notes for Safari Technology Preview 71,” 5 December 2018. Available: https://webkit.org/blog/8517/release-notes-for-safari-technology-preview-71/.
- C15
S. Machani, R. Philpott, S. Srinivas, J. Kemp and J. Hodges, “FIDO UAF Architectural Overview, FIDO Alliance Implementation Draft,” 2 February 2017. Available: https://fidoalliance.org/specs/fido-uaf-v1.1-id-20170202/fido-uaf-overview-v1.1-id-20170202.html.
- C16
Nok Nok Labs Inc., “Nok Nok™ Passport,” Google Play. Available: https://play.google.com/store/apps/details?id=com.noknok.android.passport2.
- C17
Nok Nok Labs Inc., “Nok Nok™ Passport,” Apple App Store. Available: https://itunes.apple.com/us/app/nok-nok-passport/id1050437340.
- C18
Motorola Solutions, “Broadband Push to Talk (PTT) Services.” Available: https://www.motorolasolutions.com/en_us/products/broadband-push-to-talk.html.
- C19
OpenID Foundation, “openid/AppAuth-Android,” GitHub. Available: https://github.com/openid/AppAuth-Android.
- C20
M. Jones and D. Hardt, “The OAuth 2.0 Authorization Framework: Bearer Token Usage,” RFC 6750, DOI 10.17487/RFC6750, October 2012. Available: https://www.rfc-editor.org/info/rfc6750.
- C21
D. Hardt, Ed., “The OAuth 2.0 Authorization Framework,” RFC 6749, DOI 10.17487/RFC6749, October 2012. Available: https://www.rfc-editor.org/info/rfc6749.
- C22
S. Cantor, J. Kemp, R. Philpott and E. Maler, “Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0,” 15 March 2005. Available: http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf.
- C23
N. Sakimura, Ed., J. Bradley and N. Agarwal, “Proof Key for Code Exchange by OAuth Public Clients,” RFC 7636, DOI 10.17487/RFC7636, September 2015. Available: https://www.rfc-editor.org/info/rfc7636.
- C24
M. Jones and J. Hildebrand, “JSON Web Encryption (JWE),” RFC 7516, May 2015. Available: https://tools.ietf.org/html/rfc7516.
- C25
N. Sakimura, J. Bradley, M. Jones, B. de Medeiros and C. Mortimore, “OpenID Connect Core 1.0 incorporating errata set 1,” 8 November 2014. Available: http://openid.net/specs/openid-connect-core-1_0.html.
- C26
Microsoft Corporation, “Active Directory Schema.” Available: https://msdn.microsoft.com/en-us/library/ms675085(v=vs.85).aspx.
- C27
Nok Nok Labs, Inc., “Nok Nok Labs S3 Authentication Suite Solution Guide,” v5.1.1, 2017.
- C28
Nok Nok Labs, Inc., “Nok Nok Authentication Server Administration Guide,” v5.1.1, 2017.
- C29
Nok Nok Labs, Inc., “Nok Nok PingFederate Adapter Integration Guide,” v1.0.1, 2017.
- C30
StrongKey, Inc., “PingFederate FIDO IdP Adapter Installation Guide,” Revision 2, 2017.
- C31
J. Richer, Ed., “OAuth 2.0 Token Introspection,” RFC 7662, October 2015. Available: https://tools.ietf.org/html/rfc7662.