Skip to Main Content
The Runtime Adaptive Multi-factor authentication ENvironment (RAMEN) is a client and server-side framework that provides multi-factor authentication policy enforcement for mobile devices running iOS® and Android®. On the client side, RAMEN uses a security manager that can intercept network calls and forward them for secure authentication to a server-side proxy. The server-side proxy contains a dynamic policy engine that can be configured to choose between different authentication methods depending on the mobile context. RAMEN is an extensible framework that has interfaces to plug in different authentication methods. We describe the policy model and implementation of RAMEN. We show the value of RAMEN to developers through an implementation of location-aware security policies that can be set up to enforce security zones that relax or enhance security requirements for different applications.
Note: The Institute of Electrical and Electronics Engineers, Incorporated is distributing this Article with permission of the International Business Machines Corporation (IBM) who is the exclusive owner. The recipient of this Article may not assign, sublicense, lease, rent or otherwise transfer, reproduce, prepare derivative works, publicly display or perform, or distribute the Article.