Presentation: "2014 FIDO Alliance". Author: McDowell, Brett. File: "2014 FIDO Alliance.pptx". Zip archive size: 6837 KB.

2014 FIDO Alliance

Contents of the presentation "2014 FIDO Alliance.pptx"
Slide | Text
1 © 2014 FIDO Alliance

2 Who… What… Why…

3 2014 FIDO Alliance

4 142+ & growing…

5 142+ & growing…

6 To Change Authentication Online by:

(a) Developing unencumbered Specifications that define interoperable mechanisms that supplant reliance on passwords
(b) Operating programs to help ensure industry adoption
(c) Submitting mature Specifications for formal standardization

7 FIDO Alliance’s Role…

“Paper” Specifications
Interoperability and Conformance testing
Trademark licensing against criteria
Thought leadership, nurture ecosystem
The Alliance does not ship products!
Implementations left to commercial vendors

8 Identity & Authentication Building Blocks

[Diagram labels: Modern Authentication; Single Sign-On; Federation; Authentication; User Management; Physical-to-digital identity; Passwords; Risk-Based; Strong; E-Gov; Payments; Security; Personalization]

©NOK NOK LABS – Used by Permission

9 Why Authentication is Cybersecurity Priority #1

Poor authentication mechanisms are a commonly exploited vector of attack by adversaries; the 2013 Data Breach Investigations Report (conducted by Verizon in concert with the U.S. Department of Homeland Security) noted that 76% of 2012 network intrusions exploited weak or stolen credentials.
-- NIST Roadmap for Improving Critical Infrastructure Cybersecurity, 12-Feb-2014

10 Today’s Passwords

REUSED

PHISHED

KEYLOGGED

11 Today’s Password Alternatives

One Time Codes with SMS or Device

SMS USABILITY: Coverage | Delay | Cost
DEVICE USABILITY: One per site | $$ | Fragile
USER EXPERIENCE: Users find it hard
STILL PHISHABLE: Known attacks today

12 Major Industry Trend

Simpler, Stronger Local Device Auth

PERSONAL DEVICES: Carry Personal Data
LOCAL LOCKING: Pins & Patterns today
NEW WAVE: CONVENIENT SECURITY: Simpler, Stronger local authentication

13 Putting It Together

The problem: Simpler, Stronger online
The trend: Simpler, Stronger local device auth
Why not: Use local device auth for online auth?

This is the core idea behind FIDO standards!

14 FIDO Experiences

Stages: ONLINE AUTH REQUEST → LOCAL DEVICE AUTH → SUCCESS

PASSWORDLESS EXPERIENCE (UAF standards): Transaction Detail → Show a biometric → Done
SECOND FACTOR EXPERIENCE (U2F standards): Login & Password → Insert Dongle, Press button → Done

15 State of Market Adoption

16 Version 1.0 is in Public Review

17 13+ products have participated in and satisfied the requirements of our testing program and are conferred the right to use the FIDO Ready™ mark.

18 OEMs SHIPPING FIDO-READY™ PRODUCTS

New and existing devices are supported

Clients available for these operating systems:

OEM Enabled: Lenovo ThinkPads with Fingerprint Sensors

OEM Enabled: Samsung Galaxy S5

Software Authenticator Examples: Voice/Face recognition, PIN, QR Code, etc.

Aftermarket Hardware Authenticator Examples: USB fingerprint scanner, MicroSD Secure Element

19 First FIDO Deployment already live…

Customers can use their finger to pay with PayPal from their new Samsung Galaxy S5 because the FIDO Ready™ software on the device securely communicates between the fingerprint sensor on their device and PayPal’s service in the cloud. The only information the device shares with PayPal is a unique cryptographic “public key” that allows PayPal to verify the identity of the customer without having to store any biometric information on PayPal’s servers.

20 From July 2014…

Alipay – formerly a part of Alibaba Group in China
Processed $519 Billion in transactions in 2013
Launched FIDO-based payments using Galaxy S5

21 How it works

22 FIDO Registration

[Diagram: registration flow using public key cryptography, steps numbered 1 to 4. Labels: REGISTRATION BEGINS, USER APPROVAL, NEW KEY CREATED, KEY REGISTERED, REGISTRATION COMPLETE]

23 FIDO Login

[Diagram: login flow using public key cryptography, steps numbered 1 to 4. Labels: LOGIN, LOGIN CHALLENGE, USER APPROVAL, KEY SELECTED, LOGIN RESPONSE, LOGIN COMPLETE]

24 Decouple User Verification Method from Authentication Protocol

[Diagram: PLUGGABLE LOCAL AUTH and ONLINE SECURITY PROTOCOL, steps numbered 1 to 4. Labels: LOGIN, USER APPROVAL, KEY SELECTED, LOGIN CHALLENGE, LOGIN RESPONSE, REGISTRATION COMPLETE. Leverage public key cryptography]

25 No 3rd Party in the Protocol

26 No secrets on Server side

27 Key Benefit for Service Providers

28 FIDO’s Focus on User Privacy

Biometric data (if used) never leaves device
No link-ability between Services
No link-ability between Accounts
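
The registration and login flows and the privacy points above, as an added Go sketch that is not part of the presentation or of any FIDO implementation: the device creates a separate key pair per service, the server keeps only the public key, and login is a signature over a server challenge. The service names and the digest layout (service name, NUL byte, challenge) are assumptions for illustration, not the UAF/U2F message format.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

type Authenticator map[string]*ecdsa.PrivateKey // device side: one private key per service, kept local

// digest binds the challenge to the service name (assumed layout, not the FIDO wire format).
func digest(service string, challenge []byte) []byte {
	d := sha256.Sum256(append([]byte(service+"\x00"), challenge...))
	return d[:]
}

// Register creates a fresh key pair for the service and hands back only the public key.
func (a Authenticator) Register(service string) (*ecdsa.PublicKey, error) {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	a[service] = k
	return &k.PublicKey, nil
}

// Sign answers a login challenge with the key selected for that service.
func (a Authenticator) Sign(service string, challenge []byte) ([]byte, error) {
	k, ok := a[service]
	if !ok {
		return nil, fmt.Errorf("no key registered for %s", service)
	}
	return ecdsa.SignASN1(rand.Reader, k, digest(service, challenge))
}

// Verify is the server side: it needs only the registered public key, no shared secret.
func Verify(service string, pub *ecdsa.PublicKey, challenge, sig []byte) bool {
	return ecdsa.VerifyASN1(pub, digest(service, challenge), sig)
}

func main() {
	a := Authenticator{}
	pub, _ := a.Register("shop.example") // constructed service name
	ch := make([]byte, 32)               // server-generated random login challenge
	rand.Read(ch)
	sig, _ := a.Sign("shop.example", ch)
	fmt.Println(Verify("shop.example", pub, ch, sig), Verify("bank.example", pub, ch, sig))
}
```

A database leak on the server side exposes only public keys, and because each service sees a different key, two services cannot correlate the same user by comparing what they stored.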

29 Call to Action

FIDO is ready for use: launch a Proof-of-Concept & Pilot
Get involved: Adapt your strategy & roadmap to include FIDO
Join the Alliance – we are non-profit & volunteer
Contact Brett McDowell – brett@fidoalliance.org

30 THANK YOU
