SlideShare uma empresa Scribd logo

Securing the Cloud for a Connected Society

COMPUTEX TAIPEI
COMPUTEX TAIPEI

COMPUTEX TAIPEI 2013 - Cloud Industry Forum Topic: Securing the Cloud for a Connected Society Speaker: Michael Poitner Global Segment Marketing Director, Authentication, NXP Semiconductors

Tecnologia
1 de 18
Baixar para ler offline
Securing the Cloud for a Connected Society Computex – Cloud Industry Forum Taipei, June 6, 2013 Michael Poitner
Table of Contents Online Authentication Facts Today’s 2-factor Authentication Solutions Google’s “War on Password” and Solution Hardware Secure Elements and Threats Introduction to Fido (Fast Identity Online) User vs. Device Authentication Overview NXP Page 2 6/6/2013 Securing The Cloud – War On Password
Online Authentication: few facts Username and password prevalent for the past 40 years: Still adapted? Although I connect to 8 different services per day, I use some of them very I own 25 online accounts. a password re-initialization seldom and sometimes In you expect user has 6.5 Doaverage, athe service costs the to me to forget $15 associated different passwords remember provider password. 25 passwords? • Account takeover (ATF+NAF) rose by 50% in 2012 (Javelin March 2013) • Average 25 accounts per user • 6.5 different passwords • 8 services used per day in average • $15 per password re-initialization User Page 3 Service Provider 6/6/2013 • Passwords are being • Reused • Phished • Keylogged Securing The Cloud – War On Password
Online Authentication: more facts Passwords are not secure enough Some more hacking incidents Cisco IOS Passwords Issue: March 18 Michelle Obama, Hillary Clinton, Britney Spears, …: March 11 Evernote hacked, Password reset for 50M: March 2 cPanel web hosting control service hacked: Feb 28 Google 2-step verification tricked: Feb 26 Facebook, Apple, Microsoft corporate network hacked: Feb 22 250,000 Twitter accounts (Burger King, Jeep) hacked: Feb 19 Source: Ponemon Institute 2013 (sponsored by NokNok Labs Inc.) Page 4 6/6/2013 Securing The Cloud – War On Password
Good Pa$$phr@ses#1 are rare Source: http://www.troyhunt.com/2011/03/only-secure-password-is-one-you-cant.html Page 5 6/6/2013 Securing The Cloud – War On Password
Online Authentication: few facts Multi-factors authentication proved efficiency in reducing fraud Multi-Factor Authentication, e.g. a token and a secret I don’t want to carry one (Pin or password) each of physical token for proved veryaccounts. my secure User Page 6 • With Chip-and-PIN card introduction in UK, fraud has decreased by 69% • For user convenience, tokens should be shared between services Service Provider 6/6/2013 Securing The Cloud – War On Password 6
Online Authentication: few facts PC is no longer the only access platform What about securing to Please don’t ask me My TVthesmartphone I use my now connected. accesses credential back move is through my Iand forth between all my can console? my more use it than Mymy to gameoften access PC favorite Facebook access content connected car? platforms • 64% of Facebook users via Smartphone, up by 57% yearover-year (FB Q4-12) • By 2016, 100M homes will be equipped with SmartTV in US and Western Europe (NPD In-Stat 2012) • Must have consistent level of security through all platforms User Page 7 Service Provider 6/6/2013 Security level is defined • Solution must by the weakest link. We be user-friendly: avoid too must insure utmost many user securitymanipulations through all platforms Securing The Cloud – War On Password
Today’s 2-factor solutions (consumer) Something you have + Something you know SMS OTP • Cost (user and issuer) OTP App/ Soft Certificates • Delay • Vulnerable to malware on host system • Use proprietary algorithms • No 2nd factor if phone/tablet is used for Internet access • Coverage issues • Typically one per site OTP Security • Phishable Convenience/ Features • Cannot hold identity • OTP not calculated in a Secure Element 6/6/2013 • On the large side • Type 6 or 8 digits into the phone • Vulnverable to MITM and MITB attacks Page 8 OTP fobs • No contactless interface Securing The Cloud – War On Password
Google declared “War On Passwords” IEEE paper “Authentication at Scale” Wired article Jan 18 “Gnubby” term leaked on Google blog Jan 18 Yubico blog Jan 21 Google protocol RSA conference Feb 25 Strong user auth Strong auth everywhere FIDO membership U2F working group April 18 Page 9 6/6/2013 Securing The Cloud – War On Password
Authentication System Architecture AUTHENTICATION PROTOCOL END USER RELYING PARTY WEBSITE DISCOVERY BROWSER MOBILE APP WEB APPLICATION PROVISIONING DEVICE ABSTRACTION AUTHENTICATION AUTHENTICATION SERVER IDENTITY SYSTEMS AUTHENTICATION VALIDATION SERVICES Page 10 6/6/2013 Securing The Cloud – War On Password
Hardware Secure Element: a natural placeholder for security credentials • Tamper resistant: credentials can’t be duplicated nor altered • Proven security: core technology for banking cards and e-passports • Works on Windows, Mac and Linux. No driver needed. • Standardized and “open”: Supports multiple web sites • Ubiquitous interface: USB or NFC Page 11 6/6/2013 Securing The Cloud – War On Password
Typical Secure Element attacks Micro-probing Forcing Manipulation Electron Microscopy Atomic Force Microscopy (AFM) Contrast Etching Decoration Page 12 6/6/2013 Global And Local Light Attacks Spike/Glitch injection Alpha Particle Penetration Securing The Cloud – War On Password Non invasive Attacks: Leakage Invasive Attacks Reverse Engineering Delayering Semi-invasive Attacks: Fault Attacks Combined Attacks Photo emission Analysis EMA Analysis Timing Analysis SPA/DPA Analysis
NXP has joined the FIDO alliance board Board Members Page 13 6/6/2013 Securing The Cloud – War On Password
FIDO System Architecture FIDO AUTHENTICATION PROTOCOL END USER RELYING PARTY WEBSITE DISCOVERY BROWSER MOBILE APP WEB APPLICATION PROVISIONING FIDO AUTHENTICATION CLIENT (WINDOWS, MAC, IOS, ANDROID…) DEVICE ABSTRACTION FIDO AUTHENTICATION 6/6/2013 SERVER IDENTITY SYSTEMS AUTHENTICATION VALIDATION SERVICES FIDO AUTHENTICATORS Page 14 AUTHENTICATION Securing The Cloud – War On Password
User vs. Device Authentication Protect sensitive networks and infrastructures • Industrial Control • Smart Grid Secure communications and services • Medical Devices secure firmware management Trust provisioning Tailored solution Bank-grade security Credential management Page 15 • Cloud Services 6/6/2013 Securing The Cloud – War On Password
NXP Semiconductors NXP Strong Innovation Pipeline: Distinctive Technologies:  Headquarters: Eindhoven/NL Over $600M / year in R&D Portfolio of secure/non-secure MCU  Employees: ~25,000 employees 3,200 engineers Embedded non-volatile & flash 11,000 patents Mixed signal processing Down to 40nm processes Zero power RF & NFC in more than 25 countries  Net sales: $4.3B in 2012 Page 16 6/6/2013 Securing The Cloud – War On Password
NXP is the Identification Industry’s #1 Semiconductor Supplier eGovernment Bank Cards Smart Mobility (MIFARE) Cards Tags & Authentication Readers Mobile Page 17 6/6/2013 Securing The Cloud – War On Password
Thank you for your attention! michael.poitner@nxp.com http://www.us-cert.gov/ http://krebsonsecurity.com/ http://www.schneier.com/ https://www.grc.com/haystack.htm

Recomendados

HYPR: The Leading Provider of True Passwordless Security®
HYPR: The Leading Provider of True Passwordless Security®HYPR: The Leading Provider of True Passwordless Security®
HYPR: The Leading Provider of True Passwordless Security®HYPR
 
FIDO Based Consumer Authentication
FIDO Based Consumer AuthenticationFIDO Based Consumer Authentication
FIDO Based Consumer AuthenticationFIDO Alliance
 
Debunking the Myths of SSL VPN Security
Debunking the Myths of SSL VPN SecurityDebunking the Myths of SSL VPN Security
Debunking the Myths of SSL VPN Securityinside-BigData.com
 
What is Zero Trust
What is Zero TrustWhat is Zero Trust
What is Zero TrustOkta-Inc
 
IoT Security, Mirai Revisited
IoT Security, Mirai RevisitedIoT Security, Mirai Revisited
IoT Security, Mirai RevisitedClare Nelson, CISSP, CIPP-E
 
IoT security fresh thinking 2017 sep 9
IoT security fresh thinking 2017 sep 9IoT security fresh thinking 2017 sep 9
IoT security fresh thinking 2017 sep 9Arvind Tiwary
 
CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...
CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...
CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...CloudIDSummit
 
Zero Trust Cybersecurity for Microsoft Azure Cloud
Zero Trust Cybersecurity for Microsoft Azure Cloud Zero Trust Cybersecurity for Microsoft Azure Cloud
Zero Trust Cybersecurity for Microsoft Azure Cloud Block Armour
 

Mais conteúdo relacionado

Mais procurados

Next-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeNext-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeBlock Armour
 
Block Armour Unified Secure Access Solution (based on Zero Trust principles)
Block Armour Unified Secure Access Solution (based on Zero Trust principles)Block Armour Unified Secure Access Solution (based on Zero Trust principles)
Block Armour Unified Secure Access Solution (based on Zero Trust principles)Block Armour
 
[CB20] Cleaning up the mess: discovery, monitoring, analysis, and notificatio...
[CB20] Cleaning up the mess: discovery, monitoring, analysis, and notificatio...[CB20] Cleaning up the mess: discovery, monitoring, analysis, and notificatio...
[CB20] Cleaning up the mess: discovery, monitoring, analysis, and notificatio...CODE BLUE
 
Three ways-zero-trust-security-redefines-partner-access-v8
Three ways-zero-trust-security-redefines-partner-access-v8Three ways-zero-trust-security-redefines-partner-access-v8
Three ways-zero-trust-security-redefines-partner-access-v8Zscaler
 
Managing Identity without Boundaries
Managing Identity without BoundariesManaging Identity without Boundaries
Managing Identity without BoundariesPing Identity
 
How Zero Trust Makes the Mission Simple & Secure
How Zero Trust Makes the Mission Simple & SecureHow Zero Trust Makes the Mission Simple & Secure
How Zero Trust Makes the Mission Simple & Securescoopnewsgroup
 
IoT Security: How Your TV and Thermostat are Attacking the Internet
IoT Security: How Your TV and Thermostat are Attacking the InternetIoT Security: How Your TV and Thermostat are Attacking the Internet
IoT Security: How Your TV and Thermostat are Attacking the InternetNathan Wallace, PhD, PE
 
AuthentiThings: The Pitfalls and Promises of Authentication in the IoT
AuthentiThings: The Pitfalls and Promises of Authentication in the IoTAuthentiThings: The Pitfalls and Promises of Authentication in the IoT
AuthentiThings: The Pitfalls and Promises of Authentication in the IoTTransUnion
 
The 5 elements of IoT security
The 5 elements of IoT securityThe 5 elements of IoT security
The 5 elements of IoT securityJulien Vermillard
 
Internet of Things Security Patterns
Internet of Things Security PatternsInternet of Things Security Patterns
Internet of Things Security PatternsMark Benson
 
Cloud Security Primer - F5 Networks
Cloud Security Primer - F5 NetworksCloud Security Primer - F5 Networks
Cloud Security Primer - F5 NetworksHarry Gunns
 
Navigating Zero Trust Presentation Slides
Navigating Zero Trust Presentation SlidesNavigating Zero Trust Presentation Slides
Navigating Zero Trust Presentation SlidesIvanti
 
Jamie Bowser - A Touch(ID) of iOS Security
Jamie Bowser - A Touch(ID) of iOS SecurityJamie Bowser - A Touch(ID) of iOS Security
Jamie Bowser - A Touch(ID) of iOS Securitycentralohioissa
 
Internet of Things: Identity & Security with Open Standards
Internet of Things: Identity & Security with Open StandardsInternet of Things: Identity & Security with Open Standards
Internet of Things: Identity & Security with Open StandardsGeorge Fletcher
 
IoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalIoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalFrank Siepmann
 
Internet of Things Security
Internet of Things SecurityInternet of Things Security
Internet of Things SecurityTutun Juhana
 

Mais procurados (20)

Next-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeNext-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space Age
 
Block Armour Unified Secure Access Solution (based on Zero Trust principles)
Block Armour Unified Secure Access Solution (based on Zero Trust principles)Block Armour Unified Secure Access Solution (based on Zero Trust principles)
Block Armour Unified Secure Access Solution (based on Zero Trust principles)
 
[CB20] Cleaning up the mess: discovery, monitoring, analysis, and notificatio...
[CB20] Cleaning up the mess: discovery, monitoring, analysis, and notificatio...[CB20] Cleaning up the mess: discovery, monitoring, analysis, and notificatio...
[CB20] Cleaning up the mess: discovery, monitoring, analysis, and notificatio...
 
IoT Security: Cases and Methods
IoT Security: Cases and MethodsIoT Security: Cases and Methods
IoT Security: Cases and Methods
 
Three ways-zero-trust-security-redefines-partner-access-v8
Three ways-zero-trust-security-redefines-partner-access-v8Three ways-zero-trust-security-redefines-partner-access-v8
Three ways-zero-trust-security-redefines-partner-access-v8
 
Managing Identity without Boundaries
Managing Identity without BoundariesManaging Identity without Boundaries
Managing Identity without Boundaries
 
How Zero Trust Makes the Mission Simple & Secure
How Zero Trust Makes the Mission Simple & SecureHow Zero Trust Makes the Mission Simple & Secure
How Zero Trust Makes the Mission Simple & Secure
 
IoT Security: How Your TV and Thermostat are Attacking the Internet
IoT Security: How Your TV and Thermostat are Attacking the InternetIoT Security: How Your TV and Thermostat are Attacking the Internet
IoT Security: How Your TV and Thermostat are Attacking the Internet
 
AuthentiThings: The Pitfalls and Promises of Authentication in the IoT
AuthentiThings: The Pitfalls and Promises of Authentication in the IoTAuthentiThings: The Pitfalls and Promises of Authentication in the IoT
AuthentiThings: The Pitfalls and Promises of Authentication in the IoT
 
The 5 elements of IoT security
The 5 elements of IoT securityThe 5 elements of IoT security
The 5 elements of IoT security
 
Internet of Things Security Patterns
Internet of Things Security PatternsInternet of Things Security Patterns
Internet of Things Security Patterns
 
Cloud Security Primer - F5 Networks
Cloud Security Primer - F5 NetworksCloud Security Primer - F5 Networks
Cloud Security Primer - F5 Networks
 
Navigating Zero Trust Presentation Slides
Navigating Zero Trust Presentation SlidesNavigating Zero Trust Presentation Slides
Navigating Zero Trust Presentation Slides
 
Jamie Bowser - A Touch(ID) of iOS Security
Jamie Bowser - A Touch(ID) of iOS SecurityJamie Bowser - A Touch(ID) of iOS Security
Jamie Bowser - A Touch(ID) of iOS Security
 
Don't let wireless_detour_your_pci_compliance
Don't let wireless_detour_your_pci_complianceDon't let wireless_detour_your_pci_compliance
Don't let wireless_detour_your_pci_compliance
 
IoT Security: Cases and Methods [CON5446]
IoT Security: Cases and Methods [CON5446]IoT Security: Cases and Methods [CON5446]
IoT Security: Cases and Methods [CON5446]
 
Internet of Things: Identity & Security with Open Standards
Internet of Things: Identity & Security with Open StandardsInternet of Things: Identity & Security with Open Standards
Internet of Things: Identity & Security with Open Standards
 
Conférence ARBOR ACSS 2018
Conférence ARBOR ACSS 2018Conférence ARBOR ACSS 2018
Conférence ARBOR ACSS 2018
 
IoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalIoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 final
 
Internet of Things Security
Internet of Things SecurityInternet of Things Security
Internet of Things Security
 

Semelhante a Securing the Cloud for a Connected Society

Embracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and CentrifyEmbracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and CentrifySumana Mehta
 
The Future of Mobile Application Security
The Future of Mobile Application SecurityThe Future of Mobile Application Security
The Future of Mobile Application SecuritySecureAuth
 
Market Study on Mobile Authentication
Market Study on Mobile AuthenticationMarket Study on Mobile Authentication
Market Study on Mobile AuthenticationFIDO Alliance
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewallsCastleforce
 
Accessibility Clickjacking, Devastating Android Vulnerability
Accessibility Clickjacking, Devastating Android Vulnerability Accessibility Clickjacking, Devastating Android Vulnerability
Accessibility Clickjacking, Devastating Android Vulnerability Skycure
 
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...Cloud Security Alliance Lviv Chapter
 
Steps to Scale Internet of Things (IoT)
Steps to Scale Internet of Things (IoT)Steps to Scale Internet of Things (IoT)
Steps to Scale Internet of Things (IoT)Rafael Maranon
 
Palo Alto Networks Soc Ent Okt2009
Palo Alto Networks Soc Ent Okt2009Palo Alto Networks Soc Ent Okt2009
Palo Alto Networks Soc Ent Okt2009Zernike College
 
2014 IoT Forum_ Fido Alliance
2014 IoT Forum_ Fido Alliance2014 IoT Forum_ Fido Alliance
2014 IoT Forum_ Fido AllianceCOMPUTEX TAIPEI
 
CIS 2015-Putting Control Back in the Users’ Hands- David Pollington
CIS 2015-Putting Control Back in the Users’ Hands- David PollingtonCIS 2015-Putting Control Back in the Users’ Hands- David Pollington
CIS 2015-Putting Control Back in the Users’ Hands- David PollingtonCloudIDSummit
 
Security from the Start: Optimizing Your Acquia Experience with Acquia Cloud...
Security from the Start: Optimizing Your Acquia Experience with Acquia Cloud... Security from the Start: Optimizing Your Acquia Experience with Acquia Cloud...
Security from the Start: Optimizing Your Acquia Experience with Acquia Cloud...Rachel Wandishin
 
MILCOM 2013 Keynote Presentation: Larry Payne
MILCOM 2013 Keynote Presentation: Larry Payne MILCOM 2013 Keynote Presentation: Larry Payne
MILCOM 2013 Keynote Presentation: Larry Payne AFCEA International
 
Inbound Federation and Zero Sign On (ZSO) by Ranjan Jain at Ping Identity Wor...
Inbound Federation and Zero Sign On (ZSO) by Ranjan Jain at Ping Identity Wor...Inbound Federation and Zero Sign On (ZSO) by Ranjan Jain at Ping Identity Wor...
Inbound Federation and Zero Sign On (ZSO) by Ranjan Jain at Ping Identity Wor...Ranjan Jain
 
Security Keys Presentation.pptx
Security Keys Presentation.pptxSecurity Keys Presentation.pptx
Security Keys Presentation.pptxAlok Sharma
 
The 5 Crazy Mistakes IoT Administrators Make with System Credentials
The 5 Crazy Mistakes IoT Administrators Make with System CredentialsThe 5 Crazy Mistakes IoT Administrators Make with System Credentials
The 5 Crazy Mistakes IoT Administrators Make with System CredentialsBeyondTrust
 
Fido U2F Protocol by Ather Ali
Fido U2F Protocol by Ather Ali Fido U2F Protocol by Ather Ali
Fido U2F Protocol by Ather Ali OWASP Delhi
 
Fido U2F PROTOCOL
Fido U2F PROTOCOLFido U2F PROTOCOL
Fido U2F PROTOCOLAther Ali
 
Securing broker less publish subscribe systems using identity-based encryption
Securing broker less publish subscribe systems using identity-based encryptionSecuring broker less publish subscribe systems using identity-based encryption
Securing broker less publish subscribe systems using identity-based encryptionLeMeniz Infotech
 
Iaetsd future polling system using cloud computing in support with smart clie...
Iaetsd future polling system using cloud computing in support with smart clie...Iaetsd future polling system using cloud computing in support with smart clie...
Iaetsd future polling system using cloud computing in support with smart clie...Iaetsd Iaetsd
 

Semelhante a Securing the Cloud for a Connected Society (20)

Embracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and CentrifyEmbracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and Centrify
 
The Future of Mobile Application Security
The Future of Mobile Application SecurityThe Future of Mobile Application Security
The Future of Mobile Application Security
 
Market Study on Mobile Authentication
Market Study on Mobile AuthenticationMarket Study on Mobile Authentication
Market Study on Mobile Authentication
 
Cybersecurity Slides
Cybersecurity SlidesCybersecurity Slides
Cybersecurity Slides
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewalls
 
Accessibility Clickjacking, Devastating Android Vulnerability
Accessibility Clickjacking, Devastating Android Vulnerability Accessibility Clickjacking, Devastating Android Vulnerability
Accessibility Clickjacking, Devastating Android Vulnerability
 
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...
 
Steps to Scale Internet of Things (IoT)
Steps to Scale Internet of Things (IoT)Steps to Scale Internet of Things (IoT)
Steps to Scale Internet of Things (IoT)
 
Palo Alto Networks Soc Ent Okt2009
Palo Alto Networks Soc Ent Okt2009Palo Alto Networks Soc Ent Okt2009
Palo Alto Networks Soc Ent Okt2009
 
2014 IoT Forum_ Fido Alliance
2014 IoT Forum_ Fido Alliance2014 IoT Forum_ Fido Alliance
2014 IoT Forum_ Fido Alliance
 
CIS 2015-Putting Control Back in the Users’ Hands- David Pollington
CIS 2015-Putting Control Back in the Users’ Hands- David PollingtonCIS 2015-Putting Control Back in the Users’ Hands- David Pollington
CIS 2015-Putting Control Back in the Users’ Hands- David Pollington
 
Security from the Start: Optimizing Your Acquia Experience with Acquia Cloud...
Security from the Start: Optimizing Your Acquia Experience with Acquia Cloud... Security from the Start: Optimizing Your Acquia Experience with Acquia Cloud...
Security from the Start: Optimizing Your Acquia Experience with Acquia Cloud...
 
MILCOM 2013 Keynote Presentation: Larry Payne
MILCOM 2013 Keynote Presentation: Larry Payne MILCOM 2013 Keynote Presentation: Larry Payne
MILCOM 2013 Keynote Presentation: Larry Payne
 
Inbound Federation and Zero Sign On (ZSO) by Ranjan Jain at Ping Identity Wor...
Inbound Federation and Zero Sign On (ZSO) by Ranjan Jain at Ping Identity Wor...Inbound Federation and Zero Sign On (ZSO) by Ranjan Jain at Ping Identity Wor...
Inbound Federation and Zero Sign On (ZSO) by Ranjan Jain at Ping Identity Wor...
 
Security Keys Presentation.pptx
Security Keys Presentation.pptxSecurity Keys Presentation.pptx
Security Keys Presentation.pptx
 
The 5 Crazy Mistakes IoT Administrators Make with System Credentials
The 5 Crazy Mistakes IoT Administrators Make with System CredentialsThe 5 Crazy Mistakes IoT Administrators Make with System Credentials
The 5 Crazy Mistakes IoT Administrators Make with System Credentials
 
Fido U2F Protocol by Ather Ali
Fido U2F Protocol by Ather Ali Fido U2F Protocol by Ather Ali
Fido U2F Protocol by Ather Ali
 
Fido U2F PROTOCOL
Fido U2F PROTOCOLFido U2F PROTOCOL
Fido U2F PROTOCOL
 
Securing broker less publish subscribe systems using identity-based encryption
Securing broker less publish subscribe systems using identity-based encryptionSecuring broker less publish subscribe systems using identity-based encryption
Securing broker less publish subscribe systems using identity-based encryption
 
Iaetsd future polling system using cloud computing in support with smart clie...
Iaetsd future polling system using cloud computing in support with smart clie...Iaetsd future polling system using cloud computing in support with smart clie...
Iaetsd future polling system using cloud computing in support with smart clie...
 

Mais de COMPUTEX TAIPEI

2015 CPX Summit Forum_The Era of Smart Mobility: Integrating Software and Har...
2015 CPX Summit Forum_The Era of Smart Mobility: Integrating Software and Har...2015 CPX Summit Forum_The Era of Smart Mobility: Integrating Software and Har...
2015 CPX Summit Forum_The Era of Smart Mobility: Integrating Software and Har...COMPUTEX TAIPEI
 
2015 CPX Summit Forum: BYOC - The Brand New Internet of Beings
2015 CPX Summit Forum: BYOC - The Brand New Internet of Beings2015 CPX Summit Forum: BYOC - The Brand New Internet of Beings
2015 CPX Summit Forum: BYOC - The Brand New Internet of BeingsCOMPUTEX TAIPEI
 
2014 CPX Conference_Technology Disruption Forum_Quanta Computer
2014 CPX Conference_Technology Disruption Forum_Quanta Computer2014 CPX Conference_Technology Disruption Forum_Quanta Computer
2014 CPX Conference_Technology Disruption Forum_Quanta ComputerCOMPUTEX TAIPEI
 
2014 Summit_Forum_MediaTek
2014 Summit_Forum_MediaTek2014 Summit_Forum_MediaTek
2014 Summit_Forum_MediaTekCOMPUTEX TAIPEI
 
2014 Big_Data_Forum_Cisco
2014 Big_Data_Forum_Cisco2014 Big_Data_Forum_Cisco
2014 Big_Data_Forum_CiscoCOMPUTEX TAIPEI
 
2014 Big_Data_Forum_Intel
2014 Big_Data_Forum_Intel2014 Big_Data_Forum_Intel
2014 Big_Data_Forum_IntelCOMPUTEX TAIPEI
 
2014 Big_Data_Forum_Pivotal
2014 Big_Data_Forum_Pivotal2014 Big_Data_Forum_Pivotal
2014 Big_Data_Forum_PivotalCOMPUTEX TAIPEI
 
2014 Big_Data_Forum_HGST
2014 Big_Data_Forum_HGST2014 Big_Data_Forum_HGST
2014 Big_Data_Forum_HGSTCOMPUTEX TAIPEI
 
2014 Big_Data_Forum_Salesforce.com
2014 Big_Data_Forum_Salesforce.com2014 Big_Data_Forum_Salesforce.com
2014 Big_Data_Forum_Salesforce.comCOMPUTEX TAIPEI
 
2014 Technology_Disruption_Forum_Quipper
2014 Technology_Disruption_Forum_Quipper2014 Technology_Disruption_Forum_Quipper
2014 Technology_Disruption_Forum_QuipperCOMPUTEX TAIPEI
 
2014 Technology_Disruption_Forum_SmartThings
2014 Technology_Disruption_Forum_SmartThings2014 Technology_Disruption_Forum_SmartThings
2014 Technology_Disruption_Forum_SmartThingsCOMPUTEX TAIPEI
 
2014 IoT Forum_Mobile World Capital Barcelona
2014 IoT Forum_Mobile World Capital Barcelona2014 IoT Forum_Mobile World Capital Barcelona
2014 IoT Forum_Mobile World Capital BarcelonaCOMPUTEX TAIPEI
 
Many Clouds, Many Choices (Oracle)
Many Clouds, Many Choices (Oracle) Many Clouds, Many Choices (Oracle)
Many Clouds, Many Choices (Oracle) COMPUTEX TAIPEI
 
Re-architecting the Datacenter to Deliver Better Experiences (Intel)
Re-architecting the Datacenter to Deliver Better Experiences (Intel)Re-architecting the Datacenter to Deliver Better Experiences (Intel)
Re-architecting the Datacenter to Deliver Better Experiences (Intel)COMPUTEX TAIPEI
 

Mais de COMPUTEX TAIPEI (20)

2015 CPX Summit Forum_The Era of Smart Mobility: Integrating Software and Har...
2015 CPX Summit Forum_The Era of Smart Mobility: Integrating Software and Har...2015 CPX Summit Forum_The Era of Smart Mobility: Integrating Software and Har...
2015 CPX Summit Forum_The Era of Smart Mobility: Integrating Software and Har...
 
2015 CPX Summit Forum: BYOC - The Brand New Internet of Beings
2015 CPX Summit Forum: BYOC - The Brand New Internet of Beings2015 CPX Summit Forum: BYOC - The Brand New Internet of Beings
2015 CPX Summit Forum: BYOC - The Brand New Internet of Beings
 
2014 CPX Conference_Technology Disruption Forum_Quanta Computer
2014 CPX Conference_Technology Disruption Forum_Quanta Computer2014 CPX Conference_Technology Disruption Forum_Quanta Computer
2014 CPX Conference_Technology Disruption Forum_Quanta Computer
 
2014 Summit_Forum_MediaTek
2014 Summit_Forum_MediaTek2014 Summit_Forum_MediaTek
2014 Summit_Forum_MediaTek
 
2014 Summit_Forum_Acer
2014 Summit_Forum_Acer2014 Summit_Forum_Acer
2014 Summit_Forum_Acer
 
2014 Big_Data_Forum_Cisco
2014 Big_Data_Forum_Cisco2014 Big_Data_Forum_Cisco
2014 Big_Data_Forum_Cisco
 
2014 Big_Data_Forum_Intel
2014 Big_Data_Forum_Intel2014 Big_Data_Forum_Intel
2014 Big_Data_Forum_Intel
 
2014 Big_Data_Forum_AWS
2014 Big_Data_Forum_AWS2014 Big_Data_Forum_AWS
2014 Big_Data_Forum_AWS
 
2014 Big_Data_Forum_Pivotal
2014 Big_Data_Forum_Pivotal2014 Big_Data_Forum_Pivotal
2014 Big_Data_Forum_Pivotal
 
2014 Big_Data_Forum_HGST
2014 Big_Data_Forum_HGST2014 Big_Data_Forum_HGST
2014 Big_Data_Forum_HGST
 
2014 Big_Data_Forum_Salesforce.com
2014 Big_Data_Forum_Salesforce.com2014 Big_Data_Forum_Salesforce.com
2014 Big_Data_Forum_Salesforce.com
 
2014 Technology_Disruption_Forum_Quipper
2014 Technology_Disruption_Forum_Quipper2014 Technology_Disruption_Forum_Quipper
2014 Technology_Disruption_Forum_Quipper
 
2014 Technology_Disruption_Forum_SmartThings
2014 Technology_Disruption_Forum_SmartThings2014 Technology_Disruption_Forum_SmartThings
2014 Technology_Disruption_Forum_SmartThings
 
2014 IoT_Forum_NXP
2014 IoT_Forum_NXP2014 IoT_Forum_NXP
2014 IoT_Forum_NXP
 
2014 IoT_Forum_AMD
2014 IoT_Forum_AMD2014 IoT_Forum_AMD
2014 IoT_Forum_AMD
 
2014 IoT Forum_Mobile World Capital Barcelona
2014 IoT Forum_Mobile World Capital Barcelona2014 IoT Forum_Mobile World Capital Barcelona
2014 IoT Forum_Mobile World Capital Barcelona
 
2014 IoT Forum_ST
2014 IoT Forum_ST2014 IoT Forum_ST
2014 IoT Forum_ST
 
2014 IoT Forum_Broadcom
2014 IoT Forum_Broadcom2014 IoT Forum_Broadcom
2014 IoT Forum_Broadcom
 
Many Clouds, Many Choices (Oracle)
Many Clouds, Many Choices (Oracle) Many Clouds, Many Choices (Oracle)
Many Clouds, Many Choices (Oracle)
 
Re-architecting the Datacenter to Deliver Better Experiences (Intel)
Re-architecting the Datacenter to Deliver Better Experiences (Intel)Re-architecting the Datacenter to Deliver Better Experiences (Intel)
Re-architecting the Datacenter to Deliver Better Experiences (Intel)
 

Último

Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Mark Simos
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integrationmarketing932765
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
Digital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentDigital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentMahmoud Rabie
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsYoss Cohen
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Nikki Chapple
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 

Último (20)

Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
Digital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentDigital Tools & AI in Career Development
Digital Tools & AI in Career Development
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platforms
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 

Securing the Cloud for a Connected Society

  • 1. Securing the Cloud for a Connected Society Computex – Cloud Industry Forum Taipei, June 6, 2013 Michael Poitner
  • 2. Table of Contents Online Authentication Facts Today’s 2-factor Authentication Solutions Google’s “War on Password” and Solution Hardware Secure Elements and Threats Introduction to Fido (Fast Identity Online) User vs. Device Authentication Overview NXP Page 2 6/6/2013 Securing The Cloud – War On Password
  • 3. Online Authentication: few facts Username and password prevalent for the past 40 years: Still adapted? Although I connect to 8 different services per day, I use some of them very I own 25 online accounts. a password re-initialization seldom and sometimes In you expect user has 6.5 Doaverage, athe service costs the to me to forget $15 associated different passwords remember provider password. 25 passwords? • Account takeover (ATF+NAF) rose by 50% in 2012 (Javelin March 2013) • Average 25 accounts per user • 6.5 different passwords • 8 services used per day in average • $15 per password re-initialization User Page 3 Service Provider 6/6/2013 • Passwords are being • Reused • Phished • Keylogged Securing The Cloud – War On Password
  • 4. Online Authentication: more facts Passwords are not secure enough Some more hacking incidents Cisco IOS Passwords Issue: March 18 Michelle Obama, Hillary Clinton, Britney Spears, …: March 11 Evernote hacked, Password reset for 50M: March 2 cPanel web hosting control service hacked: Feb 28 Google 2-step verification tricked: Feb 26 Facebook, Apple, Microsoft corporate network hacked: Feb 22 250,000 Twitter accounts (Burger King, Jeep) hacked: Feb 19 Source: Ponemon Institute 2013 (sponsored by NokNok Labs Inc.) Page 4 6/6/2013 Securing The Cloud – War On Password
  • 5. Good Pa$$phr@ses#1 are rare Source: http://www.troyhunt.com/2011/03/only-secure-password-is-one-you-cant.html Page 5 6/6/2013 Securing The Cloud – War On Password
  • 6. Online Authentication: few facts Multi-factors authentication proved efficiency in reducing fraud Multi-Factor Authentication, e.g. a token and a secret I don’t want to carry one (Pin or password) each of physical token for proved veryaccounts. my secure User Page 6 • With Chip-and-PIN card introduction in UK, fraud has decreased by 69% • For user convenience, tokens should be shared between services Service Provider 6/6/2013 Securing The Cloud – War On Password 6
  • 7. Online Authentication: few facts PC is no longer the only access platform What about securing to Please don’t ask me My TVthesmartphone I use my now connected. accesses credential back move is through my Iand forth between all my can console? my more use it than Mymy to gameoften access PC favorite Facebook access content connected car? platforms • 64% of Facebook users via Smartphone, up by 57% yearover-year (FB Q4-12) • By 2016, 100M homes will be equipped with SmartTV in US and Western Europe (NPD In-Stat 2012) • Must have consistent level of security through all platforms User Page 7 Service Provider 6/6/2013 Security level is defined • Solution must by the weakest link. We be user-friendly: avoid too must insure utmost many user securitymanipulations through all platforms Securing The Cloud – War On Password
  • 8. Today’s 2-factor solutions (consumer) Something you have + Something you know SMS OTP • Cost (user and issuer) OTP App/ Soft Certificates • Delay • Vulnerable to malware on host system • Use proprietary algorithms • No 2nd factor if phone/tablet is used for Internet access • Coverage issues • Typically one per site OTP Security • Phishable Convenience/ Features • Cannot hold identity • OTP not calculated in a Secure Element 6/6/2013 • On the large side • Type 6 or 8 digits into the phone • Vulnverable to MITM and MITB attacks Page 8 OTP fobs • No contactless interface Securing The Cloud – War On Password
  • 9. Google declared “War On Passwords” IEEE paper “Authentication at Scale” Wired article Jan 18 “Gnubby” term leaked on Google blog Jan 18 Yubico blog Jan 21 Google protocol RSA conference Feb 25 Strong user auth Strong auth everywhere FIDO membership U2F working group April 18 Page 9 6/6/2013 Securing The Cloud – War On Password
  • 10. Authentication System Architecture AUTHENTICATION PROTOCOL END USER RELYING PARTY WEBSITE DISCOVERY BROWSER MOBILE APP WEB APPLICATION PROVISIONING DEVICE ABSTRACTION AUTHENTICATION AUTHENTICATION SERVER IDENTITY SYSTEMS AUTHENTICATION VALIDATION SERVICES Page 10 6/6/2013 Securing The Cloud – War On Password
  • 11. Hardware Secure Element: a natural placeholder for security credentials • Tamper resistant: credentials can’t be duplicated nor altered • Proven security: core technology for banking cards and e-passports • Works on Windows, Mac and Linux. No driver needed. • Standardized and “open”: Supports multiple web sites • Ubiquitous interface: USB or NFC Page 11 6/6/2013 Securing The Cloud – War On Password
  • 12. Typical Secure Element attacks Micro-probing Forcing Manipulation Electron Microscopy Atomic Force Microscopy (AFM) Contrast Etching Decoration Page 12 6/6/2013 Global And Local Light Attacks Spike/Glitch injection Alpha Particle Penetration Securing The Cloud – War On Password Non invasive Attacks: Leakage Invasive Attacks Reverse Engineering Delayering Semi-invasive Attacks: Fault Attacks Combined Attacks Photo emission Analysis EMA Analysis Timing Analysis SPA/DPA Analysis
  • 13. NXP has joined the FIDO alliance board Board Members Page 13 6/6/2013 Securing The Cloud – War On Password
  • 14. FIDO System Architecture FIDO AUTHENTICATION PROTOCOL END USER RELYING PARTY WEBSITE DISCOVERY BROWSER MOBILE APP WEB APPLICATION PROVISIONING FIDO AUTHENTICATION CLIENT (WINDOWS, MAC, IOS, ANDROID…) DEVICE ABSTRACTION FIDO AUTHENTICATION 6/6/2013 SERVER IDENTITY SYSTEMS AUTHENTICATION VALIDATION SERVICES FIDO AUTHENTICATORS Page 14 AUTHENTICATION Securing The Cloud – War On Password
  • 15. User vs. Device Authentication Protect sensitive networks and infrastructures • Industrial Control • Smart Grid Secure communications and services • Medical Devices secure firmware management Trust provisioning Tailored solution Bank-grade security Credential management Page 15 • Cloud Services 6/6/2013 Securing The Cloud – War On Password
  • 16. NXP Semiconductors NXP Strong Innovation Pipeline: Distinctive Technologies:  Headquarters: Eindhoven/NL Over $600M / year in R&D Portfolio of secure/non-secure MCU  Employees: ~25,000 employees 3,200 engineers Embedded non-volatile & flash 11,000 patents Mixed signal processing Down to 40nm processes Zero power RF & NFC in more than 25 countries  Net sales: $4.3B in 2012 Page 16 6/6/2013 Securing The Cloud – War On Password
  • 17. NXP is the Identification Industry’s #1 Semiconductor Supplier eGovernment Bank Cards Smart Mobility (MIFARE) Cards Tags & Authentication Readers Mobile Page 17 6/6/2013 Securing The Cloud – War On Password
  • 18. Thank you for your attention! michael.poitner@nxp.com http://www.us-cert.gov/ http://krebsonsecurity.com/ http://www.schneier.com/ https://www.grc.com/haystack.htm