Top Banner

of 71

Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

May 30, 2018

Download

Documents

Sylvain Maret
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    1/71

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    2/71

    Agenda

    Digital identity SecurityStrong authentication?

    Applications for the Match on

    Conseil en technologieswww.maret-consulting.ch

    rong au en ca on ec no ogy

    Biometry and Match on CardDigital certificate / PKI

    Card technology

    Illustration with a project forthe banking field

    Trends 2010

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    3/71

    Who am I?

    Security Expert15 years of experience in ICT SecurityCEO and Founder of MARET Consulting

    Conseil en technologieswww.maret-consulting.ch

    Expert @ Engineer School of Yverdon & Geneva UniversitySwiss French Area delegate at OpenID SwitzerlandCo-founder Geneva Application Security ForumAuthor of the Blog: la Citadelle Electronique

    Chosen fieldDigital Identity Security

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    4/71

    Protection of digital identities: a topical issue

    Conseil en technologieswww.maret-consulting.ch

    Identificati on

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    5/71

    Strong authentication: why?

    Keylogger (hard and Soft)MalwareMan in the Middle

    Conseil en technologieswww.maret-consulting.ch

    Browser in the MidlePassword SnifferSocial EngineeringPhishing / Pharming

    The number of identity thefts is increasing dramatically!

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    6/71

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    7/71

    Identification and authentication ?

    IdentificationWho are you?

    Conseil en technologieswww.maret-consulting.ch

    AuthenticationProve it!

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    8/71

    Definition of strong authentication

    Conseil en technologieswww.maret-consulting.ch

    Strong Authentication on Wikipedia

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    9/71

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    10/71

    MARET Consulting| Boulevard Georges Favon 43 | CH 1204 Geneva| Tl +41 22 575 30 35| [email protected] | www.maret-consulting.ch

    Conseil en technologies

    technologies

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    11/71

    Which strong authentication technology?

    Conseil en technologieswww.maret-consulting.ch

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    12/71

    OTP PKI (HW) Biometry

    Strongauthentication

    *

    Conseil en technologieswww.maret-consulting.ch

    Digital signature

    Non repudiation

    Strong link withthe user

    * Biometry type FingerprintingSecurity Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    13/71

    Strong authentication:

    Technologies on the move

    Corporations

    eBankingVPN

    Public

    Conseil en technologieswww.maret-consulting.ch

    Web ApplicationsMobilityElectronic Document Mgt

    Project PIV FIPS-201SAMLAdoption of OpenID

    Authentication as a ServiceAaaS

    Social networksFacebook

    Virtual World

    Cloud ComputingGoogle docsSales Forces

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    14/71

    Technologies accessible to everyone

    Standards

    O en Authentication

    Open Source Solution

    Conseil en technologieswww.maret-consulting.ch

    (OATH)OATH authenticationalgorithms

    HOTP (HMAC EventBased)OCRA(Challenge/Response)TOTP (Time Based)

    OATH Token Identifier

    Specification

    strong, two-factor authenticationwith mobile phones

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    15/71

    MARET Consulting| Boulevard Georges Favon 43 | CH 1204 Geneva| Tl +41 22 575 30 35| [email protected] | www.maret-consulting.ch

    Biometry

    Conseil en technologies

    Match on Card

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    16/71

    Which biometric technology for IT?

    Conseil en technologieswww.maret-consulting.ch

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    17/71

    Biometry = strong authentication?

    The answer is clearly noRequires a second factor

    Conseil en technologieswww.maret-consulting.ch

    Problem of security (usurpation)

    Only a convenience for the user

    More information on usurpationStudy Yokohama University

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    18/71

    Technology Match on Card: your NIP code is your finger

    Conseil en technologieswww.maret-consulting.ch

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    19/71

    Example of Match on Card technology for IT

    A readerBiometrySmartCard

    Conseil en technologieswww.maret-consulting.ch

    A card with chipTechnology MOC

    Crypto processorPC/SCPKCS#11Digital certificate X509

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    20/71

    Stocking data?

    On an external

    mediumBetter security Offline modeMOC = Match On card

    Through an

    authentication serverSecurity issueConfidentiality issueAvailability issue

    Conseil en technologieswww.maret-consulting.ch

    Federal law of 19 June 1992on theProtection of data (LPD)

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    21/71

    Example of utilisation of the Match on Card technology

    Smart Card Logon ofMicrosoft

    PK-INIT (Kerberos)

    Web SSO SolutionSAML

    Conseil en technologieswww.maret-consulting.ch

    Very Sensitive WebApplications

    Electronic Document MgteBanking

    Data EncryptionLaptop encryptionFolder (Share) Encryption

    Citrix

    Remote accessVPN SSLVPN IPSEC

    Digital Signature Solution

    Etc.

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    22/71

    Mobility security with MOC technology

    Biometric strongauthentication

    Reader of the swipe type

    Conseil en technologieswww.maret-consulting.ch

    ApplicationsSmart Card LogonVPN (SSL, IPSEC)Web Application

    Citrix

    Utilisation TPMAuthentication of themachine

    Pre Boot AuthenticationFull Disk Encryption

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    23/71

    Authentication of a user with PKINIT (Smart Card Logon)

    1

    Conseil en technologieswww.maret-consulting.ch

    _

    2

    2

    Schema by Philippe Logeane-Xpert Solutions SA

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    24/71

    Feedback

    Conseil en technologieswww.maret-consulting.ch

    Banking field

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    25/71

    The project: electronic management of documents

    Implementation of a Electronic Document Mgt solutionAccess to very sensitive informationClassification of the information: SecretEncr tion of data From BIA

    Conseil en technologieswww.maret-consulting.ch

    Authorization Access Control

    Project for a Private bank in SwitzerlandStart of the project: 2005

    Population concerned500 persons (Phase I)In the long run: 3000 persons (Phase II)

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    26/71

    Business Impact Analysis (BIA)

    Soft Impact

    Loss of goodwillLoss of credibi lityBreach of the l aw

    BIABank Acme SA

    ImpactData

    Availability (in time)

    ServicesHard Impact

    Reduced incomeIncreas ed cost of

    working

    IT Applications

    Conseil en technologieswww.maret-consulting.ch

    inconvenience quite serious critical

    Electronic DocumentsMgt HIGH HIGH 30 min 1 H 2 H HIGH HIGH

    Confidentiality Integrity Loss of operationalcapabilityBreach of

    contract/financialpenalties

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    27/71

    (Data Classification : Secret)

    Implementation of a technology allowingstrong authentication

    via a mechanism of irrefutable proof

    Conseil en technologieswww.maret-consulting.ch

    of the users accessing the banks informationsystem

    Who accesses what, when and how?!

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    28/71

    The technical constraints of the strong authentication project

    Mandatory

    Integration with existingapplications

    Web

    Desired

    Integration with building securityData encryption

    Conseil en technologieswww.maret-consulting.ch

    Microsoft Smart Card LogonLaptop

    Separation of rolesFour eyes

    Digital signatureAuditing, proofProof management

    Future applicationsNetwork and systemsStrong authentication

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    29/71

    Issuer App A cert

    Identity Management AuthorizationManagement

    Basic concept: a unique link

    Conseil en technologieswww.maret-consulting.ch

    User

    PHASE 1PHASE 1PHASE 1PHASE 1Strong authenticationStrong authenticationStrong authenticationStrong authentication

    PHASE 2PHASE 2PHASE 2PHASE 2AuthorizationAuthorizationAuthorizationAuthorization

    Link: cn

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    30/71

    Components of the technical architecture

    Implementation of a PKI intra muros Non Microsoft (Separation of duties)

    Conseil en technologieswww.maret-consulting.ch

    OCSP protocol

    Utilisation of a Hardware Security ModuleSecurity of the PKI architecture

    Shielding and HardeningFirewallIDSFIA

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    31/71

    Concept for the GED application security

    Conseil en technologieswww.maret-consulting.ch

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    32/71

    The focus of biometric authentication

    Conseil en technologieswww.maret-consulting.ch

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    33/71

    Conseil en technologieswww.maret-consulting.ch

    Humain

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    34/71

    The weak link? Matters more than the technique

    Definition of rolesTasks and responsibilitiesPur ose: se aration of duties

    Conseil en technologieswww.maret-consulting.ch

    Four eyes

    Implementation of identity management processes

    Implementation of operating procedures

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    35/71

    Implementation of processes

    Processes for the identity management teamUser enrollmentRevocation

    Conseil en technologieswww.maret-consulting.ch

    Incident mangementLoss, theft, forgotten card

    Renewal

    Process for Help DeskProcess for the AuditorsProcess for the RSSI

    And the operating procedures!

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    36/71

    The result

    A series of documents for the bankOperating proceduresDescri tion of rocesses

    Conseil en technologieswww.maret-consulting.ch

    Terms of useDefinition of roles and responsibilitiesCP /CPS for the in house PKI

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    37/71

    Conseil en technologieswww.maret-consulting.ch

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    38/71

    Conseil en technologieswww.maret-consulting.ch

    Training of the identity management teamTraining of users

    Training of Help DeskTraining for the technologies

    PKIBiometry

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    39/71

    Identity Management Team Training

    Very Important work

    How to enroll fin ers

    Conseil en technologieswww.maret-consulting.ch

    Match on Card TechnologyProblem handling

    TechnicalHuman

    Coaching for 3 weeks

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    40/71

    End User Training

    About 30 min per User

    Conseil en technologieswww.maret-consulting.ch

    Match on Card

    Finger positionTry (Play with Biometry)

    Document for End Users

    Signature (Legal Usage)

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    41/71

    Problems

    Conseil en technologieswww.maret-consulting.ch

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    42/71

    Some examples

    Enrollment with some Users

    Conseil en technologieswww.maret-consulting.ch

    End Users convocation

    Technical Problem on Validation AuthorityOCSP Servers

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    43/71

    Feedback?

    Conseil en technologieswww.maret-consulting.ch

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    44/71

    Conclusion of the project

    Pure technique is a minorelement in the success ofsuch a large scale project

    Biometry is a mature technology

    Technology PKI

    Conseil en technologieswww.maret-consulting.ch

    Never under estimate theorganisational aspect

    CP / CPS for the PKIManagement process

    Ask for management support

    ers a sa ety erne or t e

    futureEncryption, signatureRights management informationData security

    A step towards convergencePhysical and logical security

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    45/71

    Tendency Biometry Match on Card

    The PIV Fips-201 project is a leader!

    ConvergencePh sical securit and lo ical securit

    Conseil en technologieswww.maret-consulting.ch

    Biometric sensor for laptopsUPEK (Solution FIPS-201)

    New biometric technologies

    Full Disk Encryption (Laptop)Support of the Match on Card technologyMcAfee Endpoint Encryption (formerly SafeBoot Encryption)Win Magic SecureDoc Disk Encryption

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    46/71

    A very promising technology: Vascular Pattern Recognition

    Conseil en technologieswww.maret-consulting.ch

    By SONY

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    47/71

    When will the convergence happen?

    Conseil en technologieswww.maret-consulting.ch

    A difficult convergence! Physical security and logical security

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    48/71

    A few links to deepen the subject

    MARET Consultinghttp://maret-consulting.ch/

    La Citadelle Electronique (blog on digital identities)http://www.citadelle-electronique.net/

    Conseil en technologieswww.maret-consulting.ch

    Banking and finance articleSteal an identity? Impossible with biometry!

    http://www.banque-finance.ch/numeros/88/59.pdf

    Biometry and Mobilityhttp://www.banque-finance.ch/numeros/97/62.pdf

    Publique presentations

    OSSIR Paris 2009: Feedback on the deployment of biometry on a large scalehttp://www.ossir.org/paris/supports/2009/2009-10-13/Sylvain_Maret_Biometrie.pdfISACA, Clusis: Access to information : Roles and responsibilities

    http://blog.b3b.ch/wp-content/uploads/mise-en-oeuvre-de28099une-solution-biometrique-de28099authentification-forte.pdf

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    49/71

    Conseil en technologieswww.maret-consulting.ch

    The counseling and the expertise for the selection and

    the implementation of innovative technologies

    in the field of security of information systems and digital identity"

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    50/71

    MARET Consulting| Boulevard Georges Favon 43 | CH 1204 Geneva| Tl +41 22 575 30 35| [email protected] | www.maret-consulting.ch

    Annexes

    Conseil en technologies

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    51/71

    Conseil en technologieswww.maret-consulting.ch

    Humain

    in 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    52/71

    OTP Software using SmartPhone

    Conseil en technologieswww.maret-consulting.ch

    OTP for iPhone: a feedbackSoftware OTP for iPhoneMobile One Time Passwords

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    53/71

    Biometry Match on Card

    Conseil en technologieswww.maret-consulting.ch

    Feedback on the deployment of biometry on a large scale

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    54/71

    The focus of biometric authentication

    Conseil en technologieswww.maret-consulting.ch

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    55/71

    USB Token

    Conseil en technologieswww.maret-consulting.ch

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    56/71

    Internet Passport

    Conseil en technologieswww.maret-consulting.ch

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    57/71

    Matrix cryptography

    Conseil en technologieswww.maret-consulting.ch

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    58/71

    PKI: Digital certificate X509

    Software Certificate Hardware Certificate

    Conseil en technologieswww.maret-consulting.ch

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    59/71

    OTP via SMS

    OTP via SMS

    Conseil en technologieswww.maret-consulting.ch

    Enter OTP

    Security Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    60/71

    State of the art in 2010 of the authentifiers: Synthesis

    TechnologiesTechnologiesTechnologiesTechnologies ExplanationsExplanationsExplanationsExplanations

    OTP SoftwareSmartPhone

    One Time Password softwareEvent, Time or mode challenge responseMode not connected

    Biometry Match onCard

    Biometry and chip cardDigital certificate

    Conseil en technologieswww.maret-consulting.ch

    USB Token One Time Password in mode connectedEvent, Time ou mode challenge response

    Internet Passport Biometry One Time PasswordMode not connectedMode challenge response

    Matrix cryptography One Time PasswordMode challenge response

    PKI Certificate softwareCertificaet Hardware

    OTP SMS One Time Password by SMS

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    61/71

    Conseil en technologieswww.maret-consulting.ch

    Humain

    web applications

    b l h b h

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    62/71

    Web application with a basic authentication

    Conseil en technologieswww.maret-consulting.ch

    Security Summit Milano, march 2010

    W b li i d h i i ?

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    63/71

    Web application towards a strong authentication?

    Conseil en technologieswww.maret-consulting.chSecurity Summit Milano, march 2010

    Shi ldi g h (P i t i A th ti ti )

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    64/71

    Shielding approach - (Perimetric Authentication)

    Conseil en technologieswww.maret-consulting.chSecurity Summit Milano, march 2010

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    65/71

    Approach API / SDK

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    66/71

    Approach API / SDK

    Conseil en technologieswww.maret-consulting.chSecurity Summit Milano, march 2010

    SSL PKI: how does it work?

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    67/71

    SSL PKI: how does it work?

    ValidationAuthority

    Valide

    OCSP request

    Conseil en technologieswww.maret-consulting.ch

    Web ServerAlice

    Pas valideInconu

    SSL / TLS Mutual Authentication

    Security Summit Milano, march 2010

    Approach federation of identity

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    68/71

    a change of paradigm

    Conseil en technologieswww.maret-consulting.chSecurity Summit Milano, march 2010

    Approach federation of identityh f d

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    69/71

    a change of paradigm

    Conseil en technologieswww.maret-consulting.chSecurity Summit Milano, march 2010

    Approach federation of identity

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    70/71

    pp y

    Conseil en technologieswww.maret-consulting.chSecurity Summit Milano, march 2010

    Approaches for an integration of the strong authentication

  • 8/14/2019 Implementation of a Biometric Solution Providing Strong Authentication to Gain Access to Confidential Da

    71/71

    pp g g

    Approaches Examples

    Shielding(Perimetric Auth)

    Utilisation of a protective third party compnentSuch as a Reverse Proxy (Web Application Firewall)

    Module(Agents)

    Utilisation of a software moduleSuch as an Apache module, a SecurID agent, etc.

    Conseil en technologieswww.maret-consulting.ch

    API(SDK)

    Development via an APIFor instance by using the Web Services (SOAP)

    SSL PKI Utilisation of a certificate X509Utilisation of SSL/TLS functionalities

    PKI ReadyIdentity Federation Utilisation of a federation protocol such as SAML, OpenID,

    Others PKI application, etc.


Related Documents
Presentation on Biometric Authentication

Presentation on Biometric Authentication

Category: Documents
Continuous biometric authentication using mobile … biometric authentication using mobile devices ... Key parameters taken into account for our ... Continuous biometric authentication

Continuous biometric authentication using mobile …...

Category: Documents
Biometric authentication reiew

Biometric authentication reiew

Category: Technology
Bio Metrics .Biometric Authentication

Bio Metrics .Biometric Authentication

Category: Documents
BIOMETRIC AUTHENTICATION SERVICE GUIDE

BIOMETRIC AUTHENTICATION SERVICE GUIDE

Category: Documents
DESIGN AND IMPLEMENTATION OF A BIOMETRIC …type of authentication is related to biometric. 2.2 Variants of biometric authentication There are many variants of biometric authentication

DESIGN AND IMPLEMENTATION OF A BIOMETRIC …type of...

Category: Documents
DigitalPersona, Inc. Biometric Authentication for Digital Authentication

DigitalPersona, Inc. Biometric Authentication for Digital...

Category: Documents
Voice biometric authentication

Voice biometric authentication

Category: Technology
Biometric authentication system in business

Biometric authentication system in business

Category: Business
AU-101 Biometric Authentication User's Guidefiles.oceusa.com/.../cm2522_3522_BiometricsUsersGuide.pdfUsing Authentication Unit (Biometric Type) AU-101 3 AU-101 5 3 Using Authentication

AU-101 Biometric Authentication User's...

Category: Documents
Fingerprint-Authentication Using Biometric

Fingerprint-Authentication Using Biometric

Category: Documents
Mobile Biometric Authentication Report

Mobile Biometric Authentication Report

Category: Documents