A presentation for ISC2 Identity web-conference.

1. The future of a smart mobile device as a trusted personal Identity management assistant Vladimir Jirasek CISSP-ISSAP & ISSMP, CISM, CISA Senior Enterprise Security Architect, Nokia Steering Group, Common Assurance Maturity Model Non-executive director, CSA UK & Ireland

3. Identity problem in cyber space

4. Identity problem in cyber space Security risk, inconvenience and economic acceleration hindrance

7. Mobile device becomes ubiquitous identity assistant Certifies attributes Certifies Identity provider Certifies Attribute provider Contract Requests identity Issues identity into smart device Authenticates user Seamless login Authenticates user Manages different “ Personas ” on behalf of user Authenticates user and passes required attributes Policies for required level of identity assurance and attributes (Multiple of) (Multiple of)

9. Mobile device as a trusted device: [4,5] How does mobile HW and OS hold up? Typically contains System on Chip (SoC) Load Kernel and mobile OS Load mobile applications If Trust is not assured from HW up then there is no trust at all! Enterprise apps accessed from mobile devices OS security capabilities are crucial Application segregation, security reviews

12. Interoperable cyber identity means more security and more convenience for users = economic benefits Smart mobile device becomes a centre of identity management – secure store and conveniently user digital identity in everyday life (Communicate, Contribute, Access, Pay) Governments should promote interoperable identity frameworks Identity and attribute providers will operate internationally Registration authorities will operate mostly nationally

14. Questions? Click on the questions tab on your screen, type in your question, name and e-mail address; then hit submit.