Securing Digital Identity
    An overview of available technologies and solutions to secure digital identity




                                                                     Jérôme Lena
                                                                     IPL Advanced Product Manager
                                                                     j.lena@oberthurcs.com
1                                                          Securing Digital Identity - © 2008 Oberthur Technologies
Agenda


      Identity and identities
      Digital identity at risk
      Securing digital identity
      Smart card based solutions from Oberthur




Identity and identities




What is an Identity?


               Internal definition
                  “Identity” …
                  -noun, plural –ties
                     From Latin “identidem”, contraction of “idem et idem”,
                     literally “the same and the same”.
                     “The state or fact of remaining the same one or ones, as
                     under varying aspects or conditions.”
                     “The condition of being oneself or itself and not another.”
                     “The sense of self, providing sameness and continuity in
                     personality over time and sometimes disturbed in mental
                     illness, as schizophrenia.”
                  … requires a proof of identity




                                          Random House Unabridged Dictionary, © Random House Inc. 2006
What is an Identity?


               External definition

                     Identity defined by an authority…
                        Beginning of modern era : identity proof required only
                        from mobile people (pilgrims, beggars, messengers…)
                        Early days of democracy : France, August 4, 1794, first
                        law in the West fixing identity to birth certificate
                        Nowadays : sovereignty and citizenship are the basis of
                        every nation-state.
                     … requires a seal of authority




Identity in a digital world

    Digital Identities are used everyday, sometimes all day long…

               Digital identities at work
                   Log on to your PC
                   Log on to a Wi-Fi hotspot
                   Send and receive emails
                   Log on to a Virtual Private Network (VPN)
                   Log on to legacy corporate applications.
               Digital identities at home
                   Log on to your PC
                   Log on to a Wi-Fi hotspot
                   Send and receive emails with an e-mail client
                   Send and receive web-based emails
                   Chat with instant messaging (Windows Live Messenger, Skype, etc).




Identity in a digital world

    Every new internet service requires a new identity…


                   Digital identities for e-commerce
                      Online banking, e-wallets
                      Online shopping (Amazon™, Pixmania™,…)
                      Online selling/auctions (eBay™,…)
                   Digital identities for online communities
                      Social networks (Facebook, Myspace, Meetic…)
                      Online gaming (Role Playing Games, poker)
                      Online publishing and sharing
                          Photo hosting, video sharing, blogs




Identity in a digital world

     … while an “e-citizen” needs a single identity
     for several internet services.

                        Digital identity for e-government services
                           Income and other taxes declaration
                           Value Added Tax declaration and payment
                           Car registration (online declaration for automobile license)
                           Personal document request and delivery (birth, marriage,…)
                           Social services (unemployment benefits, job search, student
                           grants,…)
                           Declaration to the police (theft, accident,…)




Digital identity at risk




Digital identity at risk

     The overexposure threat


           Have you been Googleized lately?
              Specialized search engines are now cropping up (e.g. Spock)
              From social networks to social engineering
                    The Facebook “superhero name” information leak*

           Should one be afraid of digital identity theft?
              “post-industrial society, technotronic or informational… will be
              overwhelming for the ones mastering it badly…”
                “Stolen memories” (Lorenzi & Le Boucher, 1979)




                                                          *Article by Paul Johns, Complinet Chief Marketing Officer (2007)
Digital identity at risk

      Figures on identity fraud in the UK*

          Cases of identity and impersonation fraud reported

                Year    Cases reported
                1999         9 000
                2000        16 000
                2001        24 000
                2002        34 000
                2003        46 000
                2004        56 000
                2005        66 000
                2006        80 000
                                                                 *CIFAS – UK’s Fraud Prevention Service 2007
Digital identity at risk

      Figures on identity fraud in the US*

         In 2006:
             8.9 million Americans were victimized by identity fraud.
             Total cost of identity fraud was $56.6 billion.
             Average fraud amount per victim : $6 383.
             Average fraud cost per victim : $422.




                                *Javelin Strategy/Better Business Bureau 2006 Identity Fraud Survey Report.
Digital identity at risk

       How does identity theft happen?*
     Real world (some control)
                      Lost or stolen wallet, checkbook or credit card
                      Mail theft from an unlocked mailbox
                      Private documents retrieved from trash can (“dumpster diving”)
                      Information stolen at home (relatives, friends, employees)
                      E-mails, calls or text messages pretending to be a trusted source
                      Eavesdropping by a criminal while conducting a public transaction
                      (“shoulder surfing”)
                      Criminal changing address of an account
                      Corrupt business employee who has access to private data
                      Hacking, viruses, spyware
                      Data breach at an organization that maintains access to private
                      information (retailer, school, bank, hospital)
     Digital world (no control)
                                                                                        *Ibid.
Digital identity at risk

      Threats to digital identity (some control)
         E-mail security issues
             Anybody can create a fake email address
             E-mail communication provides no confidentiality
         Wi-Fi security issues
             WEP encryption was cracked in January 2001 by the
             University of Berkeley
             Any communication going through a “free” hot-spot can be
             intercepted
         E-banking security issues
             Increasing attacks to steal user names & passwords (phishing,
             pharming, drive-by-pharming)
             Insufficient countermeasures
                 User name & password still widely used
                 Web Image Authentication does not offer real protection for online banking (May 2007
                 Harvard-MIT report)
Digital identity at risk

      Threats to digital identity (no control)

       Generic IT security issue: digital attacks (a.k.a. “hacking”)
           For data theft
               Industrial spying (pricelists, source code, contracts, blueprints, etc.)
               Customer identity theft (credit card data, personal data, login, etc.)
           For other cyber criminal activities
               To be able to impersonate an identity and carry on anonymously on the internet
               To use e-mail clients or servers to send spam (spam-farm)
               To store and share illegal or stolen files
               To synchronize thousands of computers to disable a web site (DDoS)
               To use computing power to break encryption
               To spread viruses, trojans, spyware, etc.
               To sell complete access to a large company network



                                                                                   More on these topics : “Dirty Money on the Wires,
                                                            The Business Models of Cyber Criminals” (Virus Bulletin Conference 2006)
Securing digital identity




Securing digital identity

      Identification



        Unsecure identification
           Username & password over a clear connection
           Internet is an open (distributed) environment
                 any data can be intercepted




        [Diagram: End-user -- Static -- Service provider]



Securing digital identity

      Identification, confidentiality

        Identification with confidentiality
           Username & password over an encrypted connection
                SSL/TLS https:// + Internet Explorer’s [image] or Firefox’s [image]

            Internet is not a controlled environment
                   User’s identity is not authenticated
                   Visited web site is not (satisfactorily) authenticated



        Identification with confidentiality and web site authentication
           Username & password over an Extended Validation SSL connection



            Internet is still not a controlled environment
                   User’s identity is still not authenticated



Securing digital identity

      From static to dynamic identification
         Identification cannot be done with constant data
             Any constant data can be intercepted or stolen
             It can then be replayed…
         An end-user can only provide constant data
             Something he knows (passwords, PIN)
             Something he is (biometrics)
         There is a need for a device between the end-user and the service provider
             The end-user inputs a static identification (password, PIN, biometrics) to identify
             himself to the device
             And the device performs a dynamic authentication with the service provider



         [Diagram: End-user -- Static -- Device -- Dynamic -- Service provider]
Securing digital identity

      Identification, confidentiality, authentication
             Identification with confidentiality and user authentication
                Username & password over an encrypted connection,
                with verification of a shared-secret
                    Paper-based challenge-response
                    One time password provided by a time-based dongle
                    Smart card-based EMV authentication




                 Shared secrets must be… shared
                      Distribution of shared secret is complex and risky
                      Mostly suited for one-to-many digital transactions
                      Not suited for document signing (non-repudiation)
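
The static-versus-dynamic argument and the shared-secret limits on the two slides above, as an added example that is not part of the original slides. The `Device` and `ServiceProvider` classes, the PIN, the password and the key are hypothetical, and HMAC-SHA256 over a random challenge is an assumed stand-in for whatever algorithm a real token uses.

```python
"""Added example: static vs. dynamic identification with a shared secret."""
import hashlib
import hmac
import secrets


class Device:
    """Hypothetical token: a static PIN unlocks it locally; the key never leaves it."""

    MAX_TRIES = 3

    def __init__(self, pin: str, shared_key: bytes):
        self._pin = pin.encode()
        self._key = shared_key
        self._tries_left = self.MAX_TRIES

    def respond(self, pin: str, challenge: bytes) -> bytes:
        """Return HMAC(key, challenge) if the PIN is right; block after 3 failures."""
        if self._tries_left == 0:
            raise PermissionError("device blocked")
        if not hmac.compare_digest(pin.encode(), self._pin):
            self._tries_left -= 1
            raise PermissionError("wrong PIN")
        self._tries_left = self.MAX_TRIES
        return hmac.new(self._key, challenge, hashlib.sha256).digest()


class ServiceProvider:
    """Hypothetical verifier supporting both a static and a dynamic login."""

    def __init__(self, password: str, shared_key: bytes):
        self._password = password.encode()
        self._key = shared_key
        self._pending = set()  # challenges issued and not yet answered

    def static_login(self, password: str) -> bool:
        # Constant data: whoever holds a copy of it is accepted, every time.
        return hmac.compare_digest(password.encode(), self._password)

    def new_challenge(self) -> bytes:
        challenge = secrets.token_bytes(16)
        self._pending.add(challenge)
        return challenge

    def expected_response(self, challenge: bytes) -> bytes:
        return hmac.new(self._key, challenge, hashlib.sha256).digest()

    def dynamic_login(self, challenge: bytes, response: bytes) -> bool:
        if challenge not in self._pending:
            return False  # unknown or already used challenge
        self._pending.discard(challenge)  # each challenge is single use
        return hmac.compare_digest(self.expected_response(challenge), response)


def demo() -> dict:
    key = secrets.token_bytes(32)  # constructed sample secret
    provider = ServiceProvider("correct horse", key)
    device = Device("1234", key)
    result = {}

    # Static identification: a captured password works again unchanged.
    captured_password = "correct horse"
    result["static_first"] = provider.static_login(captured_password)
    result["static_replay"] = provider.static_login(captured_password)

    # Dynamic identification: the captured response is bound to one challenge.
    c1 = provider.new_challenge()
    r1 = device.respond("1234", c1)
    result["dynamic_first"] = provider.dynamic_login(c1, r1)
    result["dynamic_replay_same_challenge"] = provider.dynamic_login(c1, r1)
    c2 = provider.new_challenge()
    result["dynamic_replay_new_challenge"] = provider.dynamic_login(c2, r1)

    # Shared-secret limit: the provider can compute the very same response,
    # so a response proves nothing to a third party (no non-repudiation).
    c3 = provider.new_challenge()
    result["provider_can_produce_response"] = hmac.compare_digest(
        provider.expected_response(c3), device.respond("1234", c3)
    )
    return result


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```
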




Securing digital identity

      Digital identity document
       A digital certificate is an electronic document
           Linking an entity (person, company) with a public key
           Carrying a digital signature linked with a public key from a trusted third party
           Compliant with an international standard (ITU X.509 v203)


       [Diagram: User’s Digital Certificate, shown between the User and the Trusted Third party]
           User’s public key
           User’s name
           Email
           Expiration date
           Etc…
           Issuer’s Digital Signature
Securing digital identity

      Identification, confidentiality, authentication, signature

        Public Key Infrastructure (PKI)
           Worldwide accepted model for securing communications on intranet,
           extranet, internet
           Protocols, services and standards
                  to manage Public Keys
                  to distribute and verify Digital Certificates

              To verify and authenticate the validity of each party involved in a transaction




        [Diagram: User -- Trusted certificate issuer -- Trusted certificate issuer]
Securing digital identity

      Securing private keys

         PKI security relies on private keys security
            Private keys are stored on the user’s hard disk
            A desktop PC is protected only by user/password (in the best case)
            On a PC, private keys can be easily stolen or misused
            On a PC, cryptographic calculation can be monitored or tampered with
         There is a need for a secure device
            To store private keys
            To perform cryptographic calculations



         [Diagram: End-user -- Static -- Secure device -- Dynamic -- Service provider]
Securing digital identity

      Smart cards to secure PKI
           For secure data storage
              Secure storage of private keys, passphrase, PIN or biometrics data
              Secure storage of several digital certificates in X.509 format
              Secure storage of standardized data for digital identification
                  XMLDSIG (XML Digital Signature), SAML (Security Assertion Markup Language)
              Secure storage of national/specific data structure (eg. PIV, IAS)
           For complex calculations
              True random generator
              Cryptographic engine (DES, 3DES, RSA, AES, ECC)




Securing digital identity

     Levels of confidence for digital identity
                                                          Signature tools
         Digital Certificate                Software only    Smart device +    Smart device +
         delivery mode                                       software          terminal + software

         Face to face delivery                    3                 6                 9
         Document-based delivery                  2                 5                 8
         Self-registered or self-signed           1                 4                 7

         1 = lowest level of confidence, 9 = highest level of confidence

         [Diagram: End-user -- Secure -- Secure data entry device -- Static -- Secure device -- Dynamic -- Service provider]
Smart card based solutions from Oberthur




Smart card based solutions from Oberthur

     Smart cards, devices and software to upgrade PKI to smart card security
          Smart cards
              Private key generation & secure storage of credentials
              Based on market standards
          Smart card readers & USB Tokens
              Hardware interface between smart cards and PC environment
              Based on market standards (PC/SC to serial, USB, PCMCIA)
          Client software
              Software interface between smart cards and Windows Operating Systems
              Based on market standards


Smart card based solutions from Oberthur

                Classic Smart Card
      Features
         Contactless Mifare™ and T=CL interface
         Contact ISO 7816 interface
         Support for X.509 digital certificates
         Support for multiple applications
      Form factors
         ID-1 smart card
         SIM-Plug size
         USB Token
      Standards supported
         Javacard 2.2 with Global Platform 2.1.1.
         Common Criteria EAL 4+ PP SSCD* (ISO 15408)
         FIPS 140-2 Level 3
      [Certification marks: Common Criteria EAL 4+ PP SSCD; United-States NIST FIPS 140-2 Level 3]
         * Compliant with Qualified Electronic Signature as defined by Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures
Smart card based solutions from Oberthur


      Transparent readers
         Desktop contact readers
         Desktop contactless readers
         Laptop readers




                                                          CC EAL 3+



      Enhanced security readers
         Common Criteria certified Pinpad & LCD
         Fingerprint biometrics reader


Smart card based solutions from Oberthur

     Client software (middleware)

      ID-One Classic Mini-driver
          For 32-bit and 64-bit versions of Microsoft Vista™
          Compliant with Microsoft’s new specifications for smart
          cards (Crypto API Next Generation)
          Tested and validated by Microsoft Smart Card
          Certification Center in Dublin
          Referenced and available online for instant download
          on Microsoft Update Catalog




Smart card based solutions from Oberthur

     Client software (middleware)
      ID-One Classic Middleware (AuthentIC Web Pack)
          Support for deployed Oberthur smart cards
          Support for PKCS#11 under Windows Vista™
          Operating Systems:
             Windows 9x
             Windows Me
             Windows 2000
             Windows 2003
             Windows XP
             Windows Vista™ 32-bit
             Linux




Smart card based solutions from Oberthur

      [Summary diagram] Complete solutions bringing smart card security to Customer PKI-based digital ID systems

      ID-One Classic card
          Common Criteria EAL 4+ PP SSCD
          United-States NIST FIPS 140-2 Level 3
      Secure Chips, Identity applications
          Contact chip for Digital ID
          Contactless chip for Access Control
      Smart Card Readers, USB Token
          ID-One Token
          Desktop readers
          Laptop readers
          Secure Pinpad readers
          Common Criteria EAL 3+
      Security Features, Personalization, Fulfillment
          Advanced physical security
              Secure background
              Invisible ink
              Hologram embedding
          Personalization services
      Interface to link smart card with applications on PC
          ID-One Classic minidriver
          AuthentIC Web Pack middleware for Windows 9x, 2K, 2K3, XP, Vista
          Secure login
          Electronic signature
          E-mail encryption

Thank you




Smart Cards & Devices Forum 2013 - Cards going mobileSmart Cards & Devices Forum 2013 - Cards going mobile
Smart Cards & Devices Forum 2013 - Cards going mobileOKsystem
 
Smart Cards & Devices Forum 2013 - Babel
Smart Cards & Devices Forum 2013 - BabelSmart Cards & Devices Forum 2013 - Babel
Smart Cards & Devices Forum 2013 - BabelOKsystem
 
Smart Cards & Devices Forum 2013 - Zabezpečení mobilních bankovnictví
Smart Cards & Devices Forum 2013 - Zabezpečení mobilních bankovnictvíSmart Cards & Devices Forum 2013 - Zabezpečení mobilních bankovnictví
Smart Cards & Devices Forum 2013 - Zabezpečení mobilních bankovnictvíOKsystem
 
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...OKsystem
 
Smart Cards & Devices Forum 2013 - Security on mobile
Smart Cards & Devices Forum 2013 - Security on mobileSmart Cards & Devices Forum 2013 - Security on mobile
Smart Cards & Devices Forum 2013 - Security on mobileOKsystem
 
Smart Cards & Devices Forum 2013 - Wi-fi protected setup
Smart Cards & Devices Forum 2013 - Wi-fi protected setupSmart Cards & Devices Forum 2013 - Wi-fi protected setup
Smart Cards & Devices Forum 2013 - Wi-fi protected setupOKsystem
 
Smart Cards & Devices Forum 2013 - Šifrování hlasu včera a dnes
Smart Cards & Devices Forum 2013 - Šifrování hlasu včera a dnesSmart Cards & Devices Forum 2013 - Šifrování hlasu včera a dnes
Smart Cards & Devices Forum 2013 - Šifrování hlasu včera a dnesOKsystem
 
Smart Cards & Devices Forum 2013 - [NFC@Telefonica CZ] Near Future Cases
Smart Cards & Devices Forum 2013 - [NFC@Telefonica CZ] Near Future CasesSmart Cards & Devices Forum 2013 - [NFC@Telefonica CZ] Near Future Cases
Smart Cards & Devices Forum 2013 - [NFC@Telefonica CZ] Near Future CasesOKsystem
 
Smart Card and Strong Cryptography for instant security
Smart Card and Strong Cryptography for instant securitySmart Card and Strong Cryptography for instant security
Smart Card and Strong Cryptography for instant securityOKsystem
 
OKbase - Efektivní využití moderních IT nástrojů při řízení HR
OKbase - Efektivní využití moderních IT nástrojů při řízení HROKbase - Efektivní využití moderních IT nástrojů při řízení HR
OKbase - Efektivní využití moderních IT nástrojů při řízení HROKsystem
 
OKbase - Optimalizujte náklady na vzdělávání moderně
OKbase - Optimalizujte náklady na vzdělávání moderněOKbase - Optimalizujte náklady na vzdělávání moderně
OKbase - Optimalizujte náklady na vzdělávání moderněOKsystem
 
OKbase - moderní IT nástroj pro HR
OKbase - moderní IT nástroj pro HROKbase - moderní IT nástroj pro HR
OKbase - moderní IT nástroj pro HROKsystem
 
OKadresy - (nejen) od UIR-ADR k RUIAN
OKadresy - (nejen) od UIR-ADR k RUIANOKadresy - (nejen) od UIR-ADR k RUIAN
OKadresy - (nejen) od UIR-ADR k RUIANOKsystem
 
Software pro čipové karty
Software pro čipové kartySoftware pro čipové karty
Software pro čipové kartyOKsystem
 
MicroStrategy GI a GIS Connector
MicroStrategy GI a GIS ConnectorMicroStrategy GI a GIS Connector
MicroStrategy GI a GIS ConnectorOKsystem
 
Od atributu k reportu
Od atributu k reportuOd atributu k reportu
Od atributu k reportuOKsystem
 
Outsourcing - pohled dodavatele
Outsourcing - pohled dodavateleOutsourcing - pohled dodavatele
Outsourcing - pohled dodavateleOKsystem
 

Mais de OKsystem (20)

Smart Cards & Devices Forum 2013 - Aritmetika s velkými čísly
Smart Cards & Devices Forum 2013 - Aritmetika s velkými číslySmart Cards & Devices Forum 2013 - Aritmetika s velkými čísly
Smart Cards & Devices Forum 2013 - Aritmetika s velkými čísly
 
Smart Cards & Devices Forum 2013 - Mobile financial services
Smart Cards & Devices Forum 2013 - Mobile financial servicesSmart Cards & Devices Forum 2013 - Mobile financial services
Smart Cards & Devices Forum 2013 - Mobile financial services
 
Smart Cards & Devices Forum 2013 - Komerční prezentace aplikace cryptocult
Smart Cards & Devices Forum 2013 - Komerční prezentace aplikace cryptocultSmart Cards & Devices Forum 2013 - Komerční prezentace aplikace cryptocult
Smart Cards & Devices Forum 2013 - Komerční prezentace aplikace cryptocult
 
Smart Cards & Devices Forum 2013 - Cards going mobile
Smart Cards & Devices Forum 2013 - Cards going mobileSmart Cards & Devices Forum 2013 - Cards going mobile
Smart Cards & Devices Forum 2013 - Cards going mobile
 
Smart Cards & Devices Forum 2013 - Babel
Smart Cards & Devices Forum 2013 - BabelSmart Cards & Devices Forum 2013 - Babel
Smart Cards & Devices Forum 2013 - Babel
 
Smart Cards & Devices Forum 2013 - Zabezpečení mobilních bankovnictví
Smart Cards & Devices Forum 2013 - Zabezpečení mobilních bankovnictvíSmart Cards & Devices Forum 2013 - Zabezpečení mobilních bankovnictví
Smart Cards & Devices Forum 2013 - Zabezpečení mobilních bankovnictví
 
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
 
Smart Cards & Devices Forum 2013 - Security on mobile
Smart Cards & Devices Forum 2013 - Security on mobileSmart Cards & Devices Forum 2013 - Security on mobile
Smart Cards & Devices Forum 2013 - Security on mobile
 
Smart Cards & Devices Forum 2013 - Wi-fi protected setup
Smart Cards & Devices Forum 2013 - Wi-fi protected setupSmart Cards & Devices Forum 2013 - Wi-fi protected setup
Smart Cards & Devices Forum 2013 - Wi-fi protected setup
 
Smart Cards & Devices Forum 2013 - Šifrování hlasu včera a dnes
Smart Cards & Devices Forum 2013 - Šifrování hlasu včera a dnesSmart Cards & Devices Forum 2013 - Šifrování hlasu včera a dnes
Smart Cards & Devices Forum 2013 - Šifrování hlasu včera a dnes
 
Smart Cards & Devices Forum 2013 - [NFC@Telefonica CZ] Near Future Cases
Smart Cards & Devices Forum 2013 - [NFC@Telefonica CZ] Near Future CasesSmart Cards & Devices Forum 2013 - [NFC@Telefonica CZ] Near Future Cases
Smart Cards & Devices Forum 2013 - [NFC@Telefonica CZ] Near Future Cases
 
Smart Card and Strong Cryptography for instant security
Smart Card and Strong Cryptography for instant securitySmart Card and Strong Cryptography for instant security
Smart Card and Strong Cryptography for instant security
 
OKbase - Efektivní využití moderních IT nástrojů při řízení HR
OKbase - Efektivní využití moderních IT nástrojů při řízení HROKbase - Efektivní využití moderních IT nástrojů při řízení HR
OKbase - Efektivní využití moderních IT nástrojů při řízení HR
 
OKbase - Optimalizujte náklady na vzdělávání moderně
OKbase - Optimalizujte náklady na vzdělávání moderněOKbase - Optimalizujte náklady na vzdělávání moderně
OKbase - Optimalizujte náklady na vzdělávání moderně
 
OKbase - moderní IT nástroj pro HR
OKbase - moderní IT nástroj pro HROKbase - moderní IT nástroj pro HR
OKbase - moderní IT nástroj pro HR
 
OKadresy - (nejen) od UIR-ADR k RUIAN
OKadresy - (nejen) od UIR-ADR k RUIANOKadresy - (nejen) od UIR-ADR k RUIAN
OKadresy - (nejen) od UIR-ADR k RUIAN
 
Software pro čipové karty
Software pro čipové kartySoftware pro čipové karty
Software pro čipové karty
 
MicroStrategy GI a GIS Connector
MicroStrategy GI a GIS ConnectorMicroStrategy GI a GIS Connector
MicroStrategy GI a GIS Connector
 
Od atributu k reportu
Od atributu k reportuOd atributu k reportu
Od atributu k reportu
 
Outsourcing - pohled dodavatele
Outsourcing - pohled dodavateleOutsourcing - pohled dodavatele
Outsourcing - pohled dodavatele
 

Último

Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 

Último (20)

Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 

SmartCard Forum 2008 - Securing digital identity

  • 1. Securing Digital Identity An overview of available technologies and solutions to secure digital identity Jérôme Lena IPL Advanced Product Manager j.lena@oberthurcs.com 1 Securing Digital Identity - © 2008 Oberthur Technologies
  • 2. Agenda: Identity and identities; Digital identity at risk; Securing digital identity; Smart card based solutions from Oberthur
  • 3. Identity and identities
  • 4. What is an Identity? Internal definition: “Identity” … -noun, plural –ties. From Latin “identidem”, contraction of “idem et idem”, literally “the same and the same”. “The state or fact of remaining the same one or ones, as under varying aspects of conditions.” “The condition of being oneself or itself and not another.” “The sense of self, providing sameness and continuity in personality over time and sometimes disturbed in mental illness, as schizophrenia.” … requires a proof of identity. (Random House Unabridged Dictionary, © Random House Inc. 2006)
  • 5. What is an Identity? External definition: Identity defined by an authority… Beginning of modern era: identity proof required only from mobile people (pilgrims, beggars, messengers…). Early days of democracy: France, August 4, 1794, first law in the West fixing identity to birth certificate. Nowadays: sovereignty and citizenship are the basis of every nation-state. … requires a seal of authority
  • 6. Identity in a digital world. Digital identities are used every day, sometimes all day long… Digital identities at work: Log on to your PC; Log on to a Wifi hotspot; Send and receive emails; Log on to a Virtual Private Network (VPN); Log on to legacy corporate applications. Digital identities at home: Log on to your PC; Log on to a Wifi hotspot; Send and receive emails with an e-mail client; Send and receive web-based emails; Chat with instant messaging (Windows Live Messenger, Skype, etc.).
  • 7. Identity in a digital world. Every new internet service requires a new identity… Digital identities for e-commerce: Online banking, e-wallets; Online shopping (Amazon™, Pixmania™,…); Online selling/auctions (eBay™,…). Digital identities for online communities: Social networks (Facebook, Myspace, Meetic…); Online gaming (Role Playing Games, poker). Online publishing and sharing: Photo hosting, video sharing, blogs.
  • 8. Identity in a digital world. … while an “e-citizen” needs a single identity for several internet services. Digital identity for e-government services: Income and other taxes declaration; Value Added Tax declaration and payment; Car registration (online declaration for automobile license); Personal document request and delivery (birth, marriage,…); Social services (unemployment benefits, job search, student grants,…); Declaration to the police (theft, accident,…).
  • 9. Digital identity at risk
  • 10. Digital identity at risk. The overexposure threat: Have you been Googleized lately? Specialized search engines are now cropping up (e.g. Spock). From social networks to social engineering: the Facebook “superhero name” information leak*. Should one be afraid of digital identity theft? “post-industrial society, technotronic or informational… will be overwhelming for the ones mastering it badly…” “Stolen memories” (Lorenzi & Le Boucher, 1979). *Article by Paul Johns, Complinet Chief Marketing Officer (2007)
  • 11. Digital identity at risk. Figures on identity fraud in the UK*: cases of identity and impersonation fraud reported. [Bar chart, years 1999 to 2006, vertical axis 0 to 90 000; bar labels in extraction order: 80 000, 66 000, 56 000, 46 000, 34 000, 24 000, 16 000, 9 000] *CIFAS – UK’s Fraud Prevention Service 2007
  • 12. Digital identity at risk. Figures on identity fraud in the US*. In 2006: 8,9 million Americans were victimized by identity fraud. Total cost of identity fraud was $56,6 billion. Average fraud amount per victim: $6 383. Average fraud cost per victim: $422. *Javelin Strategy/Better Business Bureau 2006 Identity Fraud Survey Report.
  • 13. Digital identity at risk. How does identity theft happen?* Real world, some control: Lost or stolen wallet, checkbook or credit card; Mail theft from an unlocked mailbox; Private documents retrieved from trash can (“dumpster diving”); Information stolen at home (relatives, friends, employees); E-mails, calls or text messages pretending to be a trusted source; Eavesdropping by a criminal while conducting a public transaction (“shoulder surfing”); Criminal changing address of an account; Corrupt business employee who has access to private data; Hacking, viruses, spyware. Digital world, no control: Data breach at an organization that maintains access to private information (retailer, school, bank, hospital). *Ibid.
  • 14. Digital identity at risk. Threats to digital identity (some control). E-mail security issues: Anybody can create a fake email address; E-mail communication provides no confidentiality. Wifi security issues: WEP encryption was cracked in January 2001 by the University of Berkeley; Any communication going through a “free” hot-spot can be intercepted. E-banking security issues: Increasing attacks to steal user name & password (phishing, pharming, drive-by-pharming). Insufficient countermeasures: User name & password still widely used; Web Image Authentication does not offer real protection for online banking (May 2007 Harvard-MIT report).
  • 15. Digital identity at risk. Threats to digital identity (no control). Generic IT security issue: digital attacks (a.k.a. “hacking”). For data theft: Industrial spying (pricelists, source code, contracts, blueprints, etc.); Customer identity theft (credit card data, personal data, login, etc.). For other cyber criminal activities: To be able to impersonate an identity and carry on anonymously on the internet; To use e-mail clients or servers to send spam (spam-farm); To store and share illegal or stolen files; To synchronize thousands of computers to disable a web site (DDoS); To use computing power to break encryptions; To spread viruses, trojans, spyware, etc.; To sell a complete access to a large company network. More on these topics: “Dirty Money on the Wires, The Business Models of Cyber Criminals” (Virus Bulletin Conference 2006)
  • 16. Securing digital identity
  • 17. Securing digital identity. Identification. Unsecure identification: Username & password over a clear connection. Internet is an open (distributed) environment: any data can be intercepted. [Diagram labels: End-user; Static; Service provider]
  • 18. Securing digital identity. Identification, confidentiality. Identification with confidentiality: Username & password over an encrypted connection; SSL/TLS https:// + Internet Explorer’s or Firefox’s; Internet is not a controlled environment; User’s identity is not authenticated; Visited web site is not (satisfactorily) authenticated. Identification with confidentiality and web site authentication: Username & password over an Extended Validation SSL connection; Internet is still not a controlled environment; User’s identity is still not authenticated.
  • 19. Securing digital identity. From static to dynamic identification. Identification cannot be done with constant data: Any constant data can be intercepted or stolen; It can then be replayed… An end-user can only provide constant data: Something he knows (passwords, PIN); Something he is (biometrics). There is a need for a device between the end-user and the service provider: The end-user inputs a static identification (password, PIN, biometrics) to identify himself to the device; And the device performs a dynamic authentication with the service provider. [Diagram labels: End-user; Static; Device; Dynamic; Service provider]
  • 20. Securing digital identity. Identification, confidentiality, authentication. Identification with confidentiality and user authentication: Username & password over an encrypted connection, with verification of a shared secret; Paper-based challenge-response; One time password provided by a time-based dongle; Smart card-based EMV authentication. Shared secrets must be… shared: Distribution of shared secret is complex and risky; Mostly suited for one-to-many digital transactions; Not suited for document signing (non-repudiation).
  • 21. Securing digital identity. Digital identity document. A digital certificate is an electronic document: Linking an entity (person, company) with a public key; Carrying a digital signature linked with a public key from a trusted third party; Compliant with an international standard (ITU X.509 v203). User’s Digital Certificate: User’s public key; User’s name; Email; Expiration date; Etc…; Issuer’s Digital Signature. [Diagram labels: Trusted Third party; User]
  • 22. Securing digital identity. Identification, confidentiality, authentication, signature. Public Key Infrastructure (PKI): Worldwide accepted model for securing communications on intranet, extranet, internet. Protocols, services and standards: to manage Public Keys; to distribute and verify Digital Certificates; to verify and authenticate the validity of each party involved in a transaction. [Diagram labels: Trusted certificate issuer; User; Trusted certificate issuer]
  • 23. Securing digital identity. Securing private keys. PKI security relies on private keys security: Private keys are stored on the user’s hard disk; A desktop PC is protected only by user/password (in best case); On a PC, private keys can be easily stolen or misused; On a PC, cryptographic calculation can be monitored or tampered with. There is a need for a secure device: To store private keys; To perform cryptographic calculations. [Diagram labels: End-user; Static; Secure device; Dynamic; Service provider]
  • 24. Securing digital identity. Smart cards to secure PKI. For secure data storage: Secure storage of private keys, passphrase, PIN or biometrics data; Secure storage of several digital certificates in X.509 format; Secure storage of standardized data for digital identification, XMLDSIG : (XML Digital Signature), SAML : (Markup Language); Secure storage of national/specific data structure (e.g. PIV, IAS). For complex calculations: True random generator; Cryptographic engine (DES, 3DES, RSA, AES, ECC).
  • 25. Securing digital identity. Levels of confidence for digital identity (1 = lowest level of confidence, 9 = highest level of confidence), by digital certificate delivery mode and signature tools (Software only / Smart device + software / Smart device + terminal + software): Face to face delivery: 3 / 6 / 9; Document-based delivery: 2 / 5 / 8; Self-registered or self-signed: 1 / 4 / 7. [Diagram labels: End-user; Secure; Secure data entry device; Static; Secure device; Dynamic; Service provider]
  • 26. Smart card based solutions from Oberthur 26 Securing Digital Identity - © 2008 Oberthur Technologies
  • 27. Smart card based solutions from Oberthur Smart cart, devices and software to upgrade PKI to smart card security Smart cards Private key generation & secure storage of credentials Based on market standards Smart card readers & USB Tokens Hardware interface between smart cards and PC environment Based on market standards (PC/SC to serial, USB, PCMCIA) Client software Software interface between smart cards and Windows Operation Systems Based on market standards 27 Securing Digital Identity - © 2008 Oberthur Technologies
  • 28. Smart card based solutions from Oberthur: Classic Smart Card
      - Features
          - Contactless Mifare™ and T=CL interface
          - Contact ISO 7816 interface
          - Support for X.509 digital certificates
          - Support for multiple applications
      - Form factors
          - ID-1 smart card
          - SIM-plug size
          - USB token
      - Standards supported
          - Javacard 2.2 with Global Platform 2.1.1
          - Common Criteria EAL 4+ PP SSCD* (ISO 15408)
          - United States NIST FIPS 140-2 Level 3
      * Compliant with Qualified Electronic Signature as defined by Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures
  • 29. Smart card based solutions from Oberthur: Readers
      - Transparent readers
          - Desktop contact readers
          - Desktop contactless readers
          - Laptop readers
      - Enhanced security readers
          - Common Criteria certified (CC EAL 3+)
          - Pinpad and LCD
          - Fingerprint biometrics reader
  • 30. Smart card based solutions from Oberthur: Client software (middleware)
      - ID-One Classic Mini-driver
          - For 32-bit and 64-bit versions of Microsoft Vista™
          - Compliant with Microsoft's new specifications for smart cards (Crypto API Next Generation)
          - Tested and validated by the Microsoft Smart Card Certification Center in Dublin
          - Referenced and available online for instant download from the Microsoft Update Catalog
  • 31. Smart card based solutions from Oberthur: Client software (middleware)
      - ID-One Classic Middleware (AuthentIC Web Pack)
          - Support for deployed Oberthur smart cards
          - Support for PKCS#11 under Windows Vista™
          - Operating systems: Windows 9x, Windows Me, Windows 2000, Windows 2003, Windows XP, Windows Vista™ 32 bits, Linux
  • 32. Smart card based solutions from Oberthur: Complete solutions bringing smart card security to PKI-based digital ID systems
      [Overview diagram; labels grouped as far as they can be recovered]
      - Secure chips: contact chip for Digital ID, contactless chip for Access Control, ID-One Classic card; Common Criteria EAL 4+ PP SSCD; United States NIST FIPS 140-2 Level 3
      - Smart card readers: desktop readers, laptop readers, ID-One Token (USB token), secure pinpad readers; Common Criteria EAL 3+
      - Security features: advanced physical security, secure background, invisible ink, hologram embedding
      - Personalization and fulfillment: personalization services
      - Interface to link smart card with applications on PC: ID-One Classic minidriver; AuthentIC Web Pack middleware for Windows 9x, 2K, 2K3, XP, Vista
      - Identity applications: secure login, electronic signature, e-mail encryption
      - Customer
  • 33. Thank you
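Added example (not part of the original slides and not Oberthur code): a toy Python model of the argument on slides 23 and 24, where the private key stays inside a PIN-gated device that performs the signature itself and the service provider only ever sees a signed one-time challenge. The class names are hypothetical, the RSA parameters are constructed and far too small for real use, and a real card would be reached through PC/SC or PKCS#11 middleware instead.

```python
import hashlib
import hmac
import secrets

# Constructed toy parameters: two Mersenne primes, not a secure key size.
_P, _Q, E = 2**127 - 1, 2**107 - 1, 65537


def _digest(msg: bytes, n: int) -> int:
    # Unpadded hash-then-sign, for illustration only (real cards use PKCS#1 or PSS).
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n


class ToySecureDevice:
    """Model of the secure device: the key lives inside, signing is PIN-gated."""

    MAX_TRIES = 3

    def __init__(self, pin: str):
        self.n = _P * _Q                              # public modulus
        self.__d = pow(E, -1, (_P - 1) * (_Q - 1))    # private exponent, no export method
        self.__pin = pin.encode()
        self.tries_left = self.MAX_TRIES

    def sign(self, pin: str, challenge: bytes) -> int:
        if self.tries_left == 0:
            raise PermissionError("card blocked")
        if not hmac.compare_digest(pin.encode(), self.__pin):
            self.tries_left -= 1                      # wrong PIN burns one attempt
            raise PermissionError("wrong PIN")
        self.tries_left = self.MAX_TRIES
        return pow(_digest(challenge, self.n), self.__d, self.n)


class ServiceProvider:
    """Verifier side: fresh challenge per login, checked with the public key only."""

    def __init__(self, n: int):
        self.n = n
        self.pending = None

    def new_challenge(self) -> bytes:
        self.pending = secrets.token_bytes(16)
        return self.pending

    def verify(self, signature: int) -> bool:
        challenge, self.pending = self.pending, None  # each challenge is single use
        if challenge is None:
            return False
        return pow(signature, E, self.n) == _digest(challenge, self.n)
```

A signature captured from one login does not verify against the next challenge, and three wrong PINs block the device, which is the difference from a key file on disk protected only by a password.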