IT Security Course [3hours] Vincent Naessens

Size: px
Start display at page:

Download "IT Security Course [3hours] Vincent Naessens"

Transcription

1 IT Security Course [3hours] Vincent Naessens

2

3

4 Security research at KU Leuven Department of Electrical Engineering Cryptographic algoritms and protocols Hardware support and embedded design Department of Computer Science Middleware for security Methodological support Technology driven Close collaboration with industry

5 Research scope MSEC o RL 1: Identity management using mobile platforms Jorn Lapon Anonymous Credential Systems: From Theory Towards Practice Jan Vossaert Privacy friendly identity management Faysal Boukayoua Improving security and privacy on mobile devices o RL 2: Formal security and privacy analysis Koen Decroix A Formal Approach for Inspecting Privacy and Trust in e-services Laurens Lemaire Analysis and management of security in industrial control systems

6 Crypto-analysis course?

7

8 A pragmatic approach

9 Overview Overview of authentication technologies 1. Password based authentication 2. Solutions to tackle password weaknesses 3. Smartcard authentication Security on mobile platforms 1. Android versus ios security 2. Comparison with other platforms

10 PART I: Authentication Technologies

11 PKI based and biometric solutions Password based authentication Smartcard based authentication

12

13 Terminology attacker (hacker) Communication channel user client server service provider (administrator)

14 1. Social engineering

15

16

17 2. Secure Storage

18

19

20 3. Dictionary attack

21 # % # % # % # % # % # % # % # % # % # % # % # % # % # % # % # % # % # % # % # %

22 Worst Passwords List of password qwerty 5. abc monkey letmein 9. trustno1 10. dragon 11. baseball iloveyou 14. master 15. sunshine

23 Solutions

24

25 4. spoofing/phishing

26

27

28 Geachte klant Wij vragen uw aandacht voor het volgende. Het afgelopen jaar is de ING bank en vele andere banken doelwit geworden van grootschalig internet fraude. Om dit te bestrijden zullen wij alle online bankrekeningen koppelen aan een nieuw ontwikkeld beveiligingssysteem, waarmee verdachte bewegingen sneller getraceerd en opgelost worden. Om uw rekening te kunnen updaten met de nieuwe beveiligings software dient u te klikken op de onderstaande link. Na de update zult u worden gecontacteerd door een medewerker van de ING bank. Open de link met uw Internet Explorer-browser om veiligheidsredenen. Gebruik de onderstaande : KLIK HIER Na de update zal er door een van onze medewerkers contact met u worden opgenomen om het gehele proces te voltooien. Wanneer het gehele proces gereed is zal u weer als vanouds gebruik kunnen maken van het online bankieren via ING BANK. Wij willen u alvast bedanken voor uw medewerking. Hoogachtend, ING-BANK ONLINE.

29 5. Sniffing

30

31

32

33 bkmariewpeic435 bkmariewpeic435

34

35 6. Brute force attacks

36

37 D. 10,000,000 Passwords/sec Fast PC, Dual Processor PC. E. 100,000,000 Passwords/sec Workstation, or multiple PC's working together. F. 1,000,000,000 Passwords/sec Typical for medium to large scale distributed computing, Supercomputers. Bron:

38 AaBbCcDdEeFfGgHhIiJjKkLl MmNnOoPpQqRrSsTtUuVvW wxxyyzz Length Combinations Class D Class E Class F 2 2,704 Instant Instant Instant 3 140,608 Instant Instant Instant Million Instant Instant Instant Million 38 Secs 4 Secs Instant 6 19 Billion 33 Mins 3¼ Mins 19 Secs 7 1 Trillion 28½ Hours 3 Hours 17 Mins 8 53 Trillion 62 Days 6 Days 15 Hours Quadrillion 9 Years 322 Days 32 Days

39 abbccddeeffgghhiijjkkllmmnnoo PpQqRrSsTtUuVvWwXxYyZz <SP>! }~ Length Combinations Class D Class E Class F 2 7,396 Instant Instant Instant Quadrillion 57 Years 346 Days 34 Days Pwd Combinations Class D Class E Class F darren Million 30 Secs 3 Secs Instant Land3rz 3.5 Trillion 4 Days 10 Hours 58 Mins B33r&Mug 7.2 Quadrillion 23 Years 2¼ Years 83½ Days

40 Bad news

41 PROCESSORS ARE BECOMING MORE POWERFUL Rainbow tables

42 What now?

43 A. Single sign on

44

45 B. Computer generated passwords

46

47 Secure Storage?

48

49 C. One-time passwords

50

51 D. Biometry

52

53 Troubles

54 INFRASTRUCTUre is expensive

55 Stealing biometric data

56

57

58 Malaysia car thieves steal finger By Jonathan Kent BBC News, Kuala Lumpur Police in Malaysia are hunting for members of a violent gang who chopped off a car owner's finger to get round the vehicle's hi-tech security system. The car, a Mercedes S-class, was protected by a fingerprint recognition system. Accountant K Kumaran's ordeal began when he was run down by four men in a small car as he was about to get into his Mercedes in a Kuala Lumpur suburb. The gang, armed with long machetes, demanded the keys to his car. It is worth around $75,000 second-hand on the local market, where prices are high because of import duties. Stripped naked The attackers forced Mr Kumaran to put his finger on the security panel to start the vehicle, bundled him into the back seat and drove off. But having stripped the car, the thieves became frustrated when they wanted to restart it. They found they again could not bypass the immobiliser, which needs the owner's fingerprint to disarm it. They stripped Mr Kumaran naked and left him by the side of the road - but not before cutting off the end of his index finger with a machete. Police believe the gang is responsible for a series of thefts in the area.

59 E. Digital Secret Keys

60 -----BEGIN RSA PRIVATE KEY----- MIIEpQIBAAKCAQEA3U+R4ygDChkgYJAQfCbNhsOspKH/rjW317qPR5zwFrYwTAjt3Be3Do6 H3XHitEiqhA+HSugTPeyg2w7MWa68nLRCcnB4fgeS25F58KVKeZniYg9gTdM+svggApVjC0p 5pgbWRC9bm+gjv4koQU2FidfywYiQDiO5aZfFgWymplOykkM/enaM14REJ5+5nocAB8dg4Vd/ 7Q3aDnEb+euswct3OxYDB4D2NLaGZDxZFfz7xh1YahuP8TXqP3wkbp17E/TKSzKKKAfewyC 7sAakYpIUBOPIku/StZ1Jq4K5e7lCb3GlU/C93WhbAc41gL3eRawMO2cjpCQAtaEWW08QIDA QABAoIBAQCl6AKr0dEFfvSgrx9MkyI8RvBjsvYjuS2K0dabjvEFdasbNQ5rknOuu/bqcXfMQzVhL urzoqrah0wvlbbrnibuyuwnopd7m15kr/jedwwxx17iufivxy8zr51nkmnfiwnldzepkjl6dt pnwgeng3n6bimujryng2x51kc/0r3vtubjlzlgbrz7qwo+3hyukeoysbnvrvjpjp31qaq1w keihragcbyusd0cg5py6be+627uq+ut7b6em6x35zrlvfx6+hjh3itpz91hycmtm8hg7z YKpSIoBmc7A7P+b0uBfAziH020kzgRakrhaR6F3n1A/UDUT4/vekrIYSqanW4JAoGBAPd9roEq VQ4gqVxSv9dIxsbh92nVtAM9VOwbVpLIk0C8XWhe/dXsLELt3EQO5SbVtYNMQo9awYKRPP/ Uxbmh20LgxpRFe3DWg2PeVcKM981ViP0Yt40hyT/0Q8clbmGXWbWYuBHRO/8yk1sjrbx6Es UI+V7qgaSd5HcOHpJ2QVzAoGBAOTrdgUrSdNGVAoZw6NsNRxu2G7jwJXcQgINUMJmjmoJ abmlpof8iuuhhngo3atizslkfkrojdqvgepuvoyas3/iyko1ldenzwlwttfw7xsdr7xujk8gx BVMwiVGNjxd7WtwIvHsVKNdOVez3cueb49ExeDMq12SRtcvX5lCbWMLAoGBAKGZ/l028Azm hm/u9je1yx4wjgaf9sh8ztw6aaa0ufowrqpgqwrkpaqnvp3ntknhel8sjahkrejoadfoa0n Tw3APiU6gzanP2jhqi7eq4M4JvLKDfB9Nu0UMiUzNxHI86zYgHLYHs1rk/I/rp5CLirujbgEFa7MY 5lxmqLYpDD1DAoGABANwzURmBfM8s/ShrnLON5Jl7wPFM5tp+Nk86jucEZXaqY3xtRZVCv4 6p2l7eiMrnYn+ALqR/evEwiQkaRgyuqpCNGG+GH+zrImyU4wfowyarEDhmcRqeOEgokCp4MM Qz4pmwnEPRtHymGwJ3nEHqa5d/cP42SogXdNxzKESg+MCgYEAuUYu0E2LB+pEzc4GfCH3 VqWhxa76FefpcZeGMGqy/2ItN3Pg/SpXira4dQ6jdhrFq2GNAQ+eRxCbwKlVrEPKp0nQijxvH/8 YdjQK/ZUYYNw7Dj2KRBGT2CtywOLLD3N2kPD8yfNxLQD/Q434nN+ZGuOxEo3EANHyq4vz5 EE+TMM= -----END RSA PRIVATE KEY-----

61 -----BEGIN CERTIFICATE----- MIICUTCCAfugAwIBAgIBADANBgkqhkiG9w0BAQQF ADBXMQswCQYDVQQGEwJDTjEL MAkGA1UECBMCUE4xCzAJBgNVBAcTAkNO MQswCQYDVQQKEwJPTjELMAkGA1UECxMC VU4xFDASBgNVBAMTC0hlcm9uZ ybzyw5nmb4xdta1mdcxntixmtk0n1oxdta1mdgx NDIxMTk0N1owVzELMAkG A1UEBhMCQ04xCzAJBgNVBAgTAlBOMQswCQYDVQQHEwJD TjELMAkGA1UEC hmct04xczajbgnvbastalvomrqwegydvqqdewtizxjvbmcgwwfu ZzBcMA0 GCSqGSIb3DQEBAQUAA0sAMEgCQQCp5hnG7ogBhtlynpOS21cBewKE/B7j V14 qeyslnr26xzussvko36znhiao/zbmoorckk9vecgmtclfuqtwdl3ragmbaagj gbe wga4whqydvr0obbyeffxi70krxeqdxzgbacqor4judncemh8ga1udiwr4mha A FFXI70krXeQDxZgbaCQoR4jUDncEoVukWTBXMQswCQYDVQQGEwJDTjELMAk GA1UE CBMCUE4xCzAJBgNVBAcTAkNOMQswCQYDVQQKEwJPTjELMAkGA1UE CxMCVU4xFDAS BgNVBAMTC0hlcm9uZyBZYW5nggEAMAwGA1UdEwQFMAMBA f8wdqyjkozihvcnaqee BQADQQA/ugzBrjjK9jcWnDVfGHlk3icNRq0oV7Ri32z/+HQ X67aRfgZu7KWdI+Ju Wm7DCfrPNGVwFWUQOmsPue9rZBgO ----END CERTIFICATE-----

62 -----BEGIN RSA PRIVATE KEY----- MIIEpQIBAAKCAQEA3U+R4ygDChkgYJAQfCbNhsOspKH/rjW317qPR5zwFrYwTAjt3Be3Do6H3XHitEiqhA+HSugTPeyg2w7MWa68nLRCcnB4fgeS25F58KVKeZniYg 9gTdM+svggApVjC0p5pgbWRC9bm+gjv4koQU2FidfywYiQDiO5aZfFgWymplOykkM/enaM14REJ5+5nocAB8dg4Vd/7Q3aDnEb+euswct3OxYDB4D2NLaGZDxZFfz7x h1yahup8txqp3wkbp17e/tkszkkkafewyc7saakypiubopiku/stz1jq4k5e7lcb3glu/c93whbac41gl3erawmo2cjpcqataeww08qidaqabaoibaqcl6akr0deffv Sgrx9MkyI8RvBjsvYjuS2K0dabjvEFdasbNQ5rknOuu/bqcXfMQzVhLurzoqraH0wvLBbRnIbUyuWNOPd7M15Kr/JEDwWXx17IuFIvxY8ZR51nkmnfiwNLDZEPKJl6dTpn WgENg3n6biMUJrYng2x51kc/0R3VTUBJLzlGBRZ7QWo+3HYukEOysBnvRvjPJP31Qaq1wkeihRAGcBYUSD0Cg5PY6BE+627UQ+UT7B6EM6x35ZrLvFX6+hJh3ITp Z91HYCmTM8hg7ZYKpSIoBmc7A7P+b0uBfAziH020kzgRakrhaR6F3n1A/UDUT4/vekrIYSqanW4JAoGBAPd9roEqVQ4gqVxSv9dIxsbh92nVtAM9VOwbVpLIk0C8XW he/dxslelt3eqo5sbvtynmqo9awykrpp/uxbmh20lgxprfe3dwg2pevckm981vip0yt40hyt/0q8clbmgxwbwyubhro/8yk1sjrbx6esui+v7qgasd5hcohpj2qvz AoGBAOTrdgUrSdNGVAoZw6NsNRxu2G7jwJXcQgINUMJmjmoJabMLpOF8IUUhHnGo3AtIzSLkfkROJDQVGEPuvoyAS3/iyKo1lDenzwlwtTFW7xsDR7XuJK8gXBVM wivgnjxd7wtwivhsvkndovez3cueb49exedmq12srtcvx5lcbwmlaogbakgz/l028azmhm/u9je1yx4wjgaf9sh8ztw6aaa0ufowrqpgqwrkpaqnvp3ntknhel8 SJAhkrEJoaDfOa0nTw3APiU6gzanP2jhqi7eq4M4JvLKDfB9Nu0UMiUzNxHI86zYgHLYHs1rk/I/rp5CLirujbgEFa7MY5lxmqLYpDD1DAoGABANwzURmBfM8s/ShrnLON 5Jl7wPFM5tp+Nk86jucEZXaqY3xtRZVCv46p2l7eiMrnYn+ALqR/evEwiQkaRgyuqpCNGG+GH+zrImyU4wfowyarEDhmcRqeOEgokCp4MMQz4pmwnEPRtHymGwJ3n EHqa5d/cP42SogXdNxzKESg+MCgYEAuUYu0E2LB+pEzc4GfCH3VqWhxa76FefpcZeGMGqy/2ItN3Pg/SpXira4dQ6jdhrFq2GNAQ+eRxCbwKlVrEPKp0nQijxvH/8Ydj QK/ZUYYNw7Dj2KRBGT2CtywOLLD3N2kPD8yfNxLQD/Q434nN+ZGuOxEo3EANHyq4vz5EE+TMM= -----END RSA PRIVATE KEY BEGIN CERTIFICATE----- MIICUTCCAfugAwIBAgIBADANBgkqhkiG9w0BAQQF ADBXMQswCQYDVQQGEwJDTjEL MAkGA1UECBMCUE4xCzAJBgNVBAcTAkNOMQswCQYDVQQKEwJPTjELMAkGA1UECxMC VU4xFDASBgNVBAMTC0hlcm9uZ ybzyw5nmb4xdta1mdcxntixmtk0n1oxdta1mdgx NDIxMTk0N1owVzELMAkGA1UEBhMCQ04xCzAJBgNVBAgTAlBOMQswCQYDVQQHEwJD TjELMAkGA1UEC hmct04xczajbgnvbastalvomrqwegydvqqdewtizxjvbmcgwwfu ZzBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQCp5hnG7ogBhtlynpOS21cBewKE/B7j V14 qeyslnr26xzussvko36znhiao/zbmoorckk9vecgmtclfuqtwdl3ragmbaagj gbewga4whqydvr0obbyeffxi70krxeqdxzgbacqor4judncemh8ga1udiwr4mha A FFXI70krXeQDxZgbaCQoR4jUDncEoVukWTBXMQswCQYDVQQGEwJDTjELMAGA1UE CBMCUE4xCzAJBgNVBAcTAkNOMQswCQYDVQQKEwJPTjELMAkGA1UE CxMCVU4xFDAS BgNVBAMTC0hlcm9uZyBZYW5nggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEE BQADQQA/ugzBrjjK9jcWnDVfGHlk3icNRq0oV7Ri32z/+HQ X67aRfgZu7KWdI+Ju Wm7DCfrPNGVwFWUQOmsPue9rZBgO ----END CERTIFICATE----- [1] generatechallenge() [2] challenge [4] response + [3] generateresponse() [5] Verify(response, )

63 Storage?

64

65

66 F. Multi factor authentication

67

68 Something you know PIN or password Something you have Something you are

69 Something you know Something you have

70 Something you know Something you have

71 Something you have Something you are

72 Time to summarize

73 lessons learnt 1. password length must increase to maintain the same security level 2. Secure storage of passwords and keys is not trivial 3. Multi-factor authentication increases security

74 1. overview of functionality 2. security/privacy assessment 3. conclusions Smartcard based authentication

75 Belgian eid technology Authentication Key and certificate Identity File signed by government Signature key and certificate 1. Digital identification 2. Digital signatures 3. Digital authentication

76 Belgian eid technology::identification Authentication Key and certificate Identity File signed by government Signature key and certificate

77 Belgian eid technology::digital Signatures OK Sign Verify of

78 Belgian eid technology::digital Signatures PIN Authentication Key and certificate Identity File signed by government Signature key and certificate 78

79 Belgian eid technology::beid Authentication PIN Authentication Key and certificate Identity File signed by government Signature key and certificate 79

80 BeID Security and Privacy Threats

81 BeID Privacy Threats Authentication certificate contains many personal attributes All actions of the same user can be linked Certificates are stored in persistent memory by eid reader Malware can distribute the collected information, namely eid file and certificates Malware can transparantly login to other sites after first authentication

82 BeID Security Threats Webservers can enforce users to send data over an insecure connection Malware can send other document to eid card for signing Malware can connect to other sites transparantly without knowledge of the user Keyloggers can intercept the pin code

83 Conclusions Security versus cost versus usability o o Pinpad readers to resist keylogger attacks Lock card after each authentication

84

85 Part II: Security on Mobile Platforms

86

Guide to Evaluating Multi-Factor Authentication Solutions

Guide to Evaluating Multi-Factor Authentication Solutions Guide to Evaluating Multi-Factor Authentication Solutions PhoneFactor, Inc. 7301 West 129th Street Overland Park, KS 66213 1-877-No-Token / 1-877-668-6536 www.phonefactor.com Guide to Evaluating Multi-Factor

More information

True Identity solution

True Identity solution Identify yourself securely. True Identity solution True Identity authentication and authorization for groundbreaking security across multiple applications including all online transactions Biogy Inc. Copyright

More information

AIR FORCE ASSOCIATION S CYBERPATRIOT NATIONAL YOUTH CYBER EDUCATION PROGRAM UNIT FOUR. Principles of Cybersecurity. www.uscyberpatriot.

AIR FORCE ASSOCIATION S CYBERPATRIOT NATIONAL YOUTH CYBER EDUCATION PROGRAM UNIT FOUR. Principles of Cybersecurity. www.uscyberpatriot. AIR FORCE ASSOCIATION S CYBERPATRIOT NATIONAL YOUTH CYBER EDUCATION PROGRAM UNIT FOUR Principles of Cybersecurity www.uscyberpatriot.org AIR FORCE ASSOCIATION S CYBERPATRIOT NATIONAL YOUTH CYBER EDUCATION

More information

IDRBT Working Paper No. 11 Authentication factors for Internet banking

IDRBT Working Paper No. 11 Authentication factors for Internet banking IDRBT Working Paper No. 11 Authentication factors for Internet banking M V N K Prasad and S Ganesh Kumar ABSTRACT The all pervasive and continued growth being provided by technology coupled with the increased

More information

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Purpose This paper is intended to describe the benefits of smart card implementation and it combination with Public

More information

Software Token Security & Provisioning: Innovation Galore!

Software Token Security & Provisioning: Innovation Galore! Software Token Security & Provisioning: Innovation Galore! Kenn Min Chong, Principal Product Manager SecurID, RSA Emily Ryan, Security Solution Architect, Intel Michael Lyman, Product Marketing Manager,

More information

KEYSTROKE DYNAMIC BIOMETRIC AUTHENTICATION FOR WEB PORTALS

KEYSTROKE DYNAMIC BIOMETRIC AUTHENTICATION FOR WEB PORTALS KEYSTROKE DYNAMIC BIOMETRIC AUTHENTICATION FOR WEB PORTALS Plurilock Security Solutions Inc. www.plurilock.com info@plurilock.com 2 H IGHLIGHTS: PluriPass is Plurilock static keystroke dynamic biometric

More information

Mobile Banking. Secure Banking on the Go. Matt Hillary, Director of Information Security, MX

Mobile Banking. Secure Banking on the Go. Matt Hillary, Director of Information Security, MX Mobile Banking Secure Banking on the Go Matt Hillary, Director of Information Security, MX Mobile Banking Channels SMS / Texting Mobile Banking Channels Mobile Web Browser Mobile Banking Channels Mobile

More information

A Security Survey of Strong Authentication Technologies

A Security Survey of Strong Authentication Technologies A Security Survey of Strong Authentication Technologies WHITEPAPER Contents Introduction... 1 Authentication Methods... 2 Classes of Attacks on Authentication Mechanisms... 5 Security Analysis of Authentication

More information

Enhancing Web Application Security

Enhancing Web Application Security Enhancing Web Application Security Using Another Authentication Factor Karen Lu and Asad Ali Gemalto, Inc. Technology & Innovations Austin, TX, USA Overview Introduction Current Statet Smart Cards Two-Factor

More information

Top 12 Cyber Threats for Macintosh and PC Users

Top 12 Cyber Threats for Macintosh and PC Users Top 12 Cyber Threats for Macintosh and PC Users Who is encompass? We are a team of business technologists dedicated to the unique needs of credit unions and regulated SMBs operating in a highly secure

More information

Security Levels for Web Authentication using Mobile Phones

Security Levels for Web Authentication using Mobile Phones Security Levels for Web Authentication using Mobile Phones Anna Vapen and Nahid Shahmehri Department of computer and information science Linköpings universitet, SE-58183 Linköping, Sweden {annva,nahsh}@ida.liu.se

More information

Moving to Multi-factor Authentication. Kevin Unthank

Moving to Multi-factor Authentication. Kevin Unthank Moving to Multi-factor Authentication Kevin Unthank What is Authentication 3 steps of Access Control Identification: The entity makes claim to a particular Identity Authentication: The entity proves that

More information

Multi-factor authentication

Multi-factor authentication CYBER SECURITY OPERATIONS CENTRE (UPDATED) 201 (U) LEGAL NOTICE: THIS PUBLICATION HAS BEEN PRODUCED BY THE DEFENCE SIGNALS DIRECTORATE (DSD), ALSO KNOWN AS THE AUSTRALIAN SIGNALS DIRECTORATE (ASD). ALL

More information

The 4 forces that generate authentication revenue for the channel

The 4 forces that generate authentication revenue for the channel The 4 forces that generate authentication revenue for the channel Web access and the increasing availability of high speed broadband has expanded the potential market and reach for many organisations and

More information

How TraitWare TM Can Secure and Simplify the Healthcare Industry

How TraitWare TM Can Secure and Simplify the Healthcare Industry How TraitWare TM Can Secure and Simplify the Healthcare Industry January 2015 Secure and Simplify Your Digital Life. Overview of HIPPA Authentication Standards When Title II of the Health Insurance Portability

More information

Achieving Universal Secure Identity Verification with Convenience and Personal Privacy A PRIVARIS BUSINESS WHITE PAPER

Achieving Universal Secure Identity Verification with Convenience and Personal Privacy A PRIVARIS BUSINESS WHITE PAPER with Convenience and Personal Privacy version 0.2 Aug.18, 2007 WHITE PAPER CONTENT Introduction... 3 Identity verification and multi-factor authentication..... 4 Market adoption... 4 Making biometrics

More information

Strong Authentication for Secure VPN Access

Strong Authentication for Secure VPN Access Strong Authentication for Secure VPN Access Solving the Challenge of Simple and Secure Remote Access W H I T E P A P E R EXECUTIVE SUMMARY In today s competitive and efficiency-driven climate, organizations

More information

Assuring the Cloud. Hans Bootsma Deloitte Risk Services hbootsma@deloitte.nl +31 (0)6 1098 0182

Assuring the Cloud. Hans Bootsma Deloitte Risk Services hbootsma@deloitte.nl +31 (0)6 1098 0182 Assuring the Cloud Hans Bootsma Deloitte Risk Services hbootsma@deloitte.nl +31 (0)6 1098 0182 Need for Assurance in Cloud Computing Demand Fast go to market Support innovation Lower costs Access everywhere

More information

Device-Centric Authentication and WebCrypto

Device-Centric Authentication and WebCrypto Device-Centric Authentication and WebCrypto Dirk Balfanz, Google, balfanz@google.com A Position Paper for the W3C Workshop on Web Cryptography Next Steps Device-Centric Authentication We believe that the

More information

Trends in Mobile Authentication. cnlab security ag, obere bahnhofstr. 32b, CH-8640 rapperswil-jona esther.haenggi@cnlab.ch, +41 55 214 33 36

Trends in Mobile Authentication. cnlab security ag, obere bahnhofstr. 32b, CH-8640 rapperswil-jona esther.haenggi@cnlab.ch, +41 55 214 33 36 Trends in Mobile Authentication cnlab security ag, obere bahnhofstr. 32b, CH-8640 rapperswil-jona esther.haenggi@cnlab.ch, +41 55 214 33 36 E-banking authentication mtan 2 Phishing passiv Man-in-the-Middle

More information

Research Article. Research of network payment system based on multi-factor authentication

Research Article. Research of network payment system based on multi-factor authentication Available online www.jocpr.com Journal of Chemical and Pharmaceutical Research, 2014, 6(7):437-441 Research Article ISSN : 0975-7384 CODEN(USA) : JCPRC5 Research of network payment system based on multi-factor

More information

Contents. Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008

Contents. Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008 Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008 Contents Authentication and Identity Assurance The Identity Assurance continuum Plain Password Authentication

More information

Senaca Shield Presents 10 Top Tip For Small Business Cyber Security

Senaca Shield Presents 10 Top Tip For Small Business Cyber Security Senaca Shield Presents 10 Top Tip For Small Business Cyber Security Presented by Liam O Connor www.senacashield.com info@senacashield.com #Senacashield Small businesses need cyber security too. This slide

More information

ADVANCE AUTHENTICATION TECHNIQUES

ADVANCE AUTHENTICATION TECHNIQUES ADVANCE AUTHENTICATION TECHNIQUES Introduction 1. Computer systems and the information they store and process are valuable resources which need to be protected. With the current trend toward networking,

More information

Multi-Factor Authentication of Online Transactions

Multi-Factor Authentication of Online Transactions Multi-Factor Authentication of Online Transactions Shelli Wobken-Plagge May 7, 2009 Agenda How are economic and fraud trends evolving? What tools are available to secure online transactions? What are best

More information

CSC 474 -- Network Security. User Authentication Basics. Authentication and Identity. What is identity? Authentication: verify a user s identity

CSC 474 -- Network Security. User Authentication Basics. Authentication and Identity. What is identity? Authentication: verify a user s identity CSC 474 -- Network Security Topic 6.2 User Authentication CSC 474 Dr. Peng Ning 1 User Authentication Basics CSC 474 Dr. Peng Ning 2 Authentication and Identity What is identity? which characteristics

More information

Multi-Factor Authentication Core User Policy and Procedures

Multi-Factor Authentication Core User Policy and Procedures Multi-Factor Authentication Core User Policy and Procedures Core Users with access to other people s sensitive or restrictive information must use one-time passwords (OTP) generated from approved fobs

More information

Chapter 1: Introduction

Chapter 1: Introduction Chapter 1 Introduction 1 Chapter 1: Introduction 1.1 Inspiration Cloud Computing Inspired by the cloud computing characteristics like pay per use, rapid elasticity, scalable, on demand self service, secure

More information

Digital identity: Toward more convenient, more secure online authentication

Digital identity: Toward more convenient, more secure online authentication Digital identity: Toward more convenient, more secure online authentication For more than four decades, the familiar username/password method has been the basis for authentication when accessing computer-based

More information

3D PASSWORD. Snehal Kognule Dept. of Comp. Sc., Padmabhushan Vasantdada Patil Pratishthan s College of Engineering, Mumbai University, India

3D PASSWORD. Snehal Kognule Dept. of Comp. Sc., Padmabhushan Vasantdada Patil Pratishthan s College of Engineering, Mumbai University, India 3D PASSWORD Tejal Kognule Yugandhara Thumbre Snehal Kognule ABSTRACT 3D passwords which are more customizable and very interesting way of authentication. Now the passwords are based on the fact of Human

More information

ATS - Intrusion control panel

ATS - Intrusion control panel Manual ATS - Intrusion control panel Configuring ATS1806 Linking with iprotect Keymap 2 Publication Juli 2013, Keyprocessor BV Paasheuvelweg 20 1105BJ Amsterdam, The Netherlands www.keyprocessor.com Tel.:

More information

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 10 Authentication and Account Management

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 10 Authentication and Account Management Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 10 Authentication and Account Management Objectives Describe the three types of authentication credentials Explain what single sign-on

More information

WHITE PAPER AUGUST 2014. Preventing Security Breaches by Eliminating the Need to Transmit and Store Passwords

WHITE PAPER AUGUST 2014. Preventing Security Breaches by Eliminating the Need to Transmit and Store Passwords WHITE PAPER AUGUST 2014 Preventing Security Breaches by Eliminating the Need to Transmit and Store Passwords 2 WHITE PAPER: PREVENTING SECURITY BREACHES Table of Contents on t Become the Next Headline

More information

Entrust IdentityGuard

Entrust IdentityGuard +1-888-437-9783 sales@identisys.com IdentiSys.com Distributed by: Entrust IdentityGuard is an award-winning software-based authentication enterprises and governments. The solution serves as an organization's

More information

Mary Theofanos Brian Stanton

Mary Theofanos Brian Stanton Mary Theofanos Brian Stanton ISO 9241-210:2010 Usability: The extent to which a product can be used by specified users to achieve specified goals with effectiveness, efficiency, and satisfaction in a specified

More information

RSA SecurID Ready Implementation Guide

RSA SecurID Ready Implementation Guide RSA SecurID Ready Implementation Guide Partner Information Last Modified: December 18, 2006 Product Information Partner Name Microsoft Web Site http://www.microsoft.com/isaserver Product Name Internet

More information

Mobile Identity: Improved Cybersecurity, Easier to Use and Manage than Passwords. Mika Devonshire Associate Product Manager

Mobile Identity: Improved Cybersecurity, Easier to Use and Manage than Passwords. Mika Devonshire Associate Product Manager Mobile Identity: Improved Cybersecurity, Easier to Use and Manage than Passwords Mika Devonshire Associate Product Manager 1 Agenda 2 What is Cybersecurity? Quick overview of the core concepts 3 Cybercrime

More information

White Paper Preventing Man in the Middle Phishing Attacks with Multi-Factor Authentication

White Paper Preventing Man in the Middle Phishing Attacks with Multi-Factor Authentication White Paper Preventing Man in the Middle Phishing Attacks with Multi-Factor Authentication Page 1 of 8 Introduction As businesses and consumers grow increasingly reliant on the Internet for conducting

More information

Economic and Social Council

Economic and Social Council UNITED NATIONS E Economic and Social Council Distr. GENERAL ECE/TRANS/WP.30/AC.2/2008/2 21 November 2007 Original: ENGLISH ECONOMIC COMMISSION FOR EUROPE Administrative Committee for the TIR Convention,

More information

Password Management: History, Costs, Problems and Pain Points, and Solutions

Password Management: History, Costs, Problems and Pain Points, and Solutions Password Management: History, Costs, Problems and Pain Points, and Solutions by Dean Weich, Tools4ever Everyone in the business world uses passwords. Whether you are a bank teller logging into several

More information

Authentication Solutions. Versatile And Innovative Authentication Solutions To Secure And Enable Your Business

Authentication Solutions. Versatile And Innovative Authentication Solutions To Secure And Enable Your Business Authentication Solutions Versatile And Innovative Authentication Solutions To Secure And Enable Your Business SafeNet Strong Authentication and Transaction Verification Solutions The Upward Spiral of Cybercrime

More information

Online Account Takeover. Roger Nettie

Online Account Takeover. Roger Nettie Online Account Takeover Roger Nettie CUNA Mutual Group Proprietary Reproduction, Adaptation or Distribution Prohibited CUNA Mutual Group 2013 Session Outline Types of attacks Movement of funds Consumer

More information

FIDO Trust Requirements

FIDO Trust Requirements FIDO Trust Requirements Ijlal Loutfi, Audun Jøsang University of Oslo Mathematics and Natural Sciences Faculty NordSec 2015,Stockholm, Sweden October, 20 th 2015 Working assumption: End Users Platforms

More information

what can we do with botnet data?

what can we do with botnet data? what can we do with botnet data? prof.dr. Ronald Leenes r.e.leenes@uvt.nl TILT - Tilburg Institute for Law, Technology, and Society background SURFnet (Dutch NREN) was offered 700 GB of data obtained from

More information

Introduction to Computer Security

Introduction to Computer Security Introduction to Computer Security Identification and Authentication Pavel Laskov Wilhelm Schickard Institute for Computer Science Resource access: a big picture 1. Identification Which object O requests

More information

The Convergence of IT Security and Physical Access Control

The Convergence of IT Security and Physical Access Control The Convergence of IT Security and Physical Access Control Using a Single Credential to Secure Access to IT and Physical Resources Executive Summary Organizations are increasingly adopting a model in which

More information

E-Banking Regulatory Update

E-Banking Regulatory Update E-Banking Regulatory Update Hal R. Paretchan, CISA, CISSP, CFE Information Technology Specialist Federal Reserve Bank of Boston Supervision, Regulation & Credit (617) 973-5971 hal.paretchan@bos.frb.org

More information

Hormuzd Khosravi, Principal Engineer, Intel Corporation

Hormuzd Khosravi, Principal Engineer, Intel Corporation Hormuzd Khosravi, Principal Engineer, Intel Corporation Legal Information Intel technologies, features and benefits depend on system configuration and may require enabled hardware, software or service

More information

Secure Password Managers and Military-Grade Encryption on Smartphones: Oh, Really? Andrey Belenko and Dmitry Sklyarov Elcomsoft Co. Ltd.

Secure Password Managers and Military-Grade Encryption on Smartphones: Oh, Really? Andrey Belenko and Dmitry Sklyarov Elcomsoft Co. Ltd. Secure Password Managers and Military-Grade Encryption on Smartphones: Oh, Really? Andrey Belenko and Dmitry Sklyarov Elcomsoft Co. Ltd. Securing Data-at-Rest: PC vs Smartphone Threat Model BlackBerry

More information

Part I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT

Part I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT Part I Contents Part I Introduction to Information Security Definition of Crypto Cryptographic Objectives Security Threats and Attacks The process Security Security Services Cryptography Cryptography (code

More information

Usable Multi-Factor Authentication and Risk-Based Authorization

Usable Multi-Factor Authentication and Risk-Based Authorization CYBER SECURITY DIVISION 2013 PRINCIPAL INVESTIGATORS Usable Multi-Factor Authentication and Risk-Based Authorization IBM T. J. Watson Research Center Larry Koved, Research Staff Member 17 September 2013

More information

A Survey on Untransferable Anonymous Credentials

A Survey on Untransferable Anonymous Credentials A Survey on Untransferable Anonymous Credentials extended abstract Sebastian Pape Databases and Interactive Systems Research Group, University of Kassel Abstract. There are at least two principal approaches

More information

Internet Banking Authentication Guidance is Out

Internet Banking Authentication Guidance is Out Brace Yourself: Updated d FFIEC Internet Banking Authentication Guidance is Out October 13, 2011 Paul Rainbow, Manager David Dyk, Manager 1 The material appearing in this presentation is for informational

More information

Improving Online Security with Strong, Personalized User Authentication

Improving Online Security with Strong, Personalized User Authentication Improving Online Security with Strong, Personalized User Authentication July 2014 Secure and simplify your digital life. Table of Contents Online Security -- Safe or Easy, But Not Both?... 3 The Traitware

More information

Secure Web Access Solution

Secure Web Access Solution Secure Web Access Solution I. CONTENTS II. INTRODUCTION... 2 OVERVIEW... 2 COPYRIGHTS AND TRADEMARKS... 2 III. E-CODE SECURE WEB ACCESS SOLUTION... 3 OVERVIEW... 3 PKI SECURE WEB ACCESS... 4 Description...

More information

Secure Data Exchange Solution

Secure Data Exchange Solution Secure Data Exchange Solution I. CONTENTS I. CONTENTS... 1 II. INTRODUCTION... 2 OVERVIEW... 2 COPYRIGHTS AND TRADEMARKS... 2 III. SECURE DOCUMENT EXCHANGE SOLUTIONS... 3 INTRODUCTION... 3 Certificates

More information

Apache Milagro (incubating) An Introduction ApacheCon North America

Apache Milagro (incubating) An Introduction ApacheCon North America Apache Milagro (incubating) An Introduction ApacheCon North America Apache Milagro will establish a new independent security framework for the Internet A Distributed Cryptosystem Secure the Future of the

More information

Citrix Access Gateway: Implementing Enterprise Edition Feature 9.0

Citrix Access Gateway: Implementing Enterprise Edition Feature 9.0 coursemonstercom/uk Citrix Access Gateway: Implementing Enterprise Edition Feature 90 View training dates» Overview Nederlands Deze cursus behandelt informatie die beheerders en andere IT-professionals

More information

Paul Nguyen. 2014 CSG Interna0onal

Paul Nguyen. 2014 CSG Interna0onal Paul Nguyen 2014 CSG Interna0onal Security is Top- of- Mind Everywhere High- profile breaches: 2K+ breaches expose nearly 1B records in 2013 Increased regulatory pressure State- sponsored hacking around

More information

Strong Authentication: Enabling Efficiency and Maximizing Security in Your Microsoft Environment

Strong Authentication: Enabling Efficiency and Maximizing Security in Your Microsoft Environment Strong Authentication: Enabling Efficiency and Maximizing Security in Your Microsoft Environment IIIIII Best Practices www.gemalto.com IIIIII Table of Contents Strong Authentication and Cybercrime... 1

More information

Enhancing Organizational Security Through the Use of Virtual Smart Cards

Enhancing Organizational Security Through the Use of Virtual Smart Cards Enhancing Organizational Security Through the Use of Virtual Smart Cards Today s organizations, both large and small, are faced with the challenging task of securing a seemingly borderless domain of company

More information

BEST SECURITY PRACTICES IN ONLINE BANKING PLATFORMS

BEST SECURITY PRACTICES IN ONLINE BANKING PLATFORMS BEST SECURITY PRACTICES IN ONLINE BANKING PLATFORMS TABLE OF CONTENTS BEST SECURITY PRACTICES Home banking platforms have been implemented as an ever more efficient 1 channel through for banking transactions.

More information

Security Challenges. in Moving to Externalized Datacenters. (Focusing on SaaS) Eran Birk, Spring 2014. Business. Intelligence

Security Challenges. in Moving to Externalized Datacenters. (Focusing on SaaS) Eran Birk, Spring 2014. Business. Intelligence Business Intelligence Security Challenges in Moving to Externalized Datacenters (Focusing on SaaS) Eran Birk, Spring 2014 Grid Computing Cloud Computing Compute Networks Storage Information provided in

More information

That Point of Sale is a PoS

That Point of Sale is a PoS SESSION ID: HTA-W02 That Point of Sale is a PoS Charles Henderson Vice President Managed Security Testing Trustwave @angus_tx David Byrne Senior Security Associate Bishop Fox Agenda POS Architecture Breach

More information

CHOOSING THE RIGHT PORTABLE SECURITY DEVICE. A guideline to help your organization chose the Best Secure USB device

CHOOSING THE RIGHT PORTABLE SECURITY DEVICE. A guideline to help your organization chose the Best Secure USB device CHOOSING THE RIGHT PORTABLE SECURITY DEVICE A guideline to help your organization chose the Best Secure USB device Introduction USB devices are widely used and convenient because of their small size, huge

More information

Working Together Managing and Securing Enterprise Mobility WHITE PAPER. Larry Klimczyk Digital Defence P: 222.333.4444

Working Together Managing and Securing Enterprise Mobility WHITE PAPER. Larry Klimczyk Digital Defence P: 222.333.4444 Working Together Managing and Securing Enterprise Mobility WHITE PAPER Larry Klimczyk Digital Defence P: 222.333.4444 Contents Executive Summary... 3 Introduction... 4 Security Requirements... 5 Authentication...

More information

Uni-directional Trusted Path: Transaction Confirmation on Just One Device

Uni-directional Trusted Path: Transaction Confirmation on Just One Device Uni-directional Trusted Path: Transaction Confirmation on Just One Device Atanas Filyanov 1, Jonathan M. McCune 2, Ahmad-Reza Sadeghi 3, Marcel Winandy 1 1 Ruhr-University Bochum, Germany 2 Carnegie Mellon

More information

WHITE PAPER Usher Mobile Identity Platform

WHITE PAPER Usher Mobile Identity Platform WHITE PAPER Usher Mobile Identity Platform Security Architecture For more information, visit Usher.com info@usher.com Toll Free (US ONLY): 1 888.656.4464 Direct Dial: 703.848.8710 Table of contents Introduction

More information

Remote Access Securing Your Employees Out of the Office

Remote Access Securing Your Employees Out of the Office Remote Access Securing Your Employees Out of the Office HSTE-NB0011-RV 1.0 Hypersecu Information Systems, Inc. #200-6191 Westminster Hwy Richmond BC V7C 4V4 Canada 1 (855) 497-3700 www.hypersecu.com Introduction

More information

Secure your Privacy. www.jrsys.com.tw. jrsys, Inc. All rights reserved.

Secure your Privacy. www.jrsys.com.tw. jrsys, Inc. All rights reserved. Secure your Privacy www.jrsys.com.tw CNN 2013/7/16 8:25PM Man Middle In The I got your ID/Password! Mobile Secure Secure sensitive access data Random Login Web Authentication One Secure Time Channel Password

More information

API-Security Gateway Dirk Krafzig

API-Security Gateway Dirk Krafzig API-Security Gateway Dirk Krafzig Intro Digital transformation accelerates application integration needs Dramatically increasing number of integration points Speed Security Industrial robustness Increasing

More information

Identity and Access Management Solutions MWC 2016

Identity and Access Management Solutions MWC 2016 Identity and Access Management Solutions MWC 2016 The new EXPERIENCE to consume the digital world is our IDENTITY PROPOSAL EXPERIENCE the digital world EASILY, with TRUST and TRANSPARENCY I use y o ile

More information

IDENTITY & ACCESS. Providing Cost-Effective Strong Authentication in the Cloud. a brief for cloud service providers

IDENTITY & ACCESS. Providing Cost-Effective Strong Authentication in the Cloud. a brief for cloud service providers IDENTITY & ACCESS Providing Cost-Effective Strong Authentication in the Cloud a brief for cloud service providers Introduction Interest and use of the cloud to store enterprise resources is growing fast.

More information

The Key to Secure Online Financial Transactions

The Key to Secure Online Financial Transactions Transaction Security The Key to Secure Online Financial Transactions Transferring money, shopping, or paying debts online is no longer a novelty. These days, it s just one of many daily occurrences on

More information

Secure Password Managers and Military-Grade Encryption on Smartphones: Oh, Really?

Secure Password Managers and Military-Grade Encryption on Smartphones: Oh, Really? Secure Password Managers and Military-Grade Encryption on Smartphones: Oh, Really? Andrey Belenko and Dmitry Sklyarov Elcomsoft Co. Ltd. {a.belenko,d.sklyarov} @ elcomsoft.com 1 Agenda Authentication:

More information

Multi-Factor Authentication

Multi-Factor Authentication Enhancing network security through the authentication process Multi-Factor Authentication Passwords, Smart Cards, and Biometrics INTRODUCTION Corporations today are investing more time and resources on

More information

Two-Factor Authentication Making Sense of all the Options

Two-Factor Authentication Making Sense of all the Options Two-Factor Authentication Making Sense of all the Options The electronic age we live in is under attack by information outlaws who love profiting from the good record of others. Now more than ever, organizations

More information

Protected Cash Withdrawal in Atm Using Mobile Phone

Protected Cash Withdrawal in Atm Using Mobile Phone www.ijecs.in International Journal Of Engineering And Computer Science ISSN:2319-7242 Volume 2 Issue 4 April, 2013 Page No. 1346-1350 Protected Cash Withdrawal in Atm Using Mobile Phone M.R.Dineshkumar

More information

Online Cash Management Security: Beyond the User Login

Online Cash Management Security: Beyond the User Login Online Cash Management Security: Beyond the User Login Sonya Crites, CTP, SunTrust Anita Stevenson-Patterson, CTP, Manheim February 28, 2008 Agenda Industry Trends Government Regulations Payment Fraud

More information

Welcome Guide for MP-1 Token for Microsoft Windows

Welcome Guide for MP-1 Token for Microsoft Windows Welcome Guide for MP-1 Token for Microsoft Windows Protecting Your On-line Identity Authentication Service Delivery Made EASY Copyright 2012 SafeNet, Inc. All rights reserved. All attempts have been made

More information

Biometric SSO Authentication Using Java Enterprise System

Biometric SSO Authentication Using Java Enterprise System Biometric SSO Authentication Using Java Enterprise System Edward Clay Security Architect edward.clay@sun.com & Ramesh Nagappan CISSP Java Technology Architect ramesh.nagappan@sun.com Agenda Part 1 : Identity

More information

Longmai Mobile PKI Solution

Longmai Mobile PKI Solution Longmai Mobile PKI Solution A quick Solution to External and Internal fraud in Insurance Industry Putting the client at the center of modernization Contents 1. INTRODUCTION... 3 1.1 Challenges... 3 1.2

More information

CA ArcotOTP Versatile Authentication Solution for Mobile Phones

CA ArcotOTP Versatile Authentication Solution for Mobile Phones PRODUCT SHEET CA ArcotOTP CA ArcotOTP Versatile Authentication Solution for Mobile Phones Overview Consumers have embraced their mobile phones as more than just calling or texting devices. They are demanding

More information

Management of Hardware Passwords in Think PCs.

Management of Hardware Passwords in Think PCs. Lenovo Corporation March 2009 security white paper Management of Hardware Passwords in Think PCs. Ideas from Lenovo Notebooks and Desktops Workstations and Servers Service and Support Accessories Introduction

More information

Biometric Authentication Platform for a Safe, Secure, and Convenient Society

Biometric Authentication Platform for a Safe, Secure, and Convenient Society 472 Hitachi Review Vol. 64 (2015), No. 8 Featured Articles Platform for a Safe, Secure, and Convenient Society Public s Infrastructure Yosuke Kaga Yusuke Matsuda Kenta Takahashi, Ph.D. Akio Nagasaka, Ph.D.

More information

Authentication Solutions VERSATILE AND INNOVATIVE AUTHENTICATION SOLUTIONS TO SECURE AND ENABLE YOUR BUSINESS

Authentication Solutions VERSATILE AND INNOVATIVE AUTHENTICATION SOLUTIONS TO SECURE AND ENABLE YOUR BUSINESS Authentication Solutions VERSATILE AND INNOVATIVE AUTHENTICATION SOLUTIONS TO SECURE AND ENABLE YOUR BUSINESS SafeNet Strong Authentication and Transaction Verification Solutions The Upward Spiral of Cybercrime

More information

ACI Response to FFIEC Guidance

ACI Response to FFIEC Guidance ACI Response to FFIEC Guidance Version 1 July 2011 Table of contents Introduction 3 FFIEC Supervisory Expectations 4 ACI Online Banking Fraud Management 8 Online Banking Fraud Detection and Prevention

More information

Don t Click That Link and other security tips. Laura Perry Jennifer Speegle Mike Trice

Don t Click That Link and other security tips. Laura Perry Jennifer Speegle Mike Trice Don t Click That Link and other security tips Laura Perry Jennifer Speegle Mike Trice About Us Laura Perry Information Security Jennifer Speegle Firewall Administrator Mike Trice Network Engineer Mail

More information

Whitepaper on AuthShield Two Factor Authentication with ERP Applications

Whitepaper on AuthShield Two Factor Authentication with ERP Applications Whitepaper on AuthShield Two Factor Authentication with ERP Applications By INNEFU Labs Pvt. Ltd Table of Contents 1. Overview... 3 2. Threats to account passwords... 4 2.1 Social Engineering or Password

More information

A brief on Two-Factor Authentication

A brief on Two-Factor Authentication Application Note A brief on Two-Factor Authentication Summary This document provides a technology brief on two-factor authentication and how it is used on Netgear SSL312, VPN Firewall, and other UTM products.

More information

Why Password- Enabled PKI

Why Password- Enabled PKI Password Enabled Public-Key Infrastructure (PKI): Virtual Smartcards vs. Virtual Soft Tokens Ravi Sandhu Chief Scientist SingleSignOn.Net & Professor, George Mason University Mihir Bellare Chief Cryptographer

More information

Information Security Basic Concepts

Information Security Basic Concepts Information Security Basic Concepts 1 What is security in general Security is about protecting assets from damage or harm Focuses on all types of assets Example: your body, possessions, the environment,

More information

Today. Important From Last Time. Old Joke. Computer Security. Embedded Security. Trusted Computing Base

Today. Important From Last Time. Old Joke. Computer Security. Embedded Security. Trusted Computing Base Important From Last Time A system is safety critical when its failure may result in injuries or deaths Verification and validation can dominate overall development effort Today Embedded system security

More information

how can I provide strong authentication for VPN access in a user convenient and cost effective manner?

how can I provide strong authentication for VPN access in a user convenient and cost effective manner? SOLUTION BRIEF CA Advanced Authentication how can I provide strong authentication for VPN access in a user convenient and cost effective manner? agility made possible provides a flexible set of user convenient,

More information

Understanding Digital Signature And Public Key Infrastructure

Understanding Digital Signature And Public Key Infrastructure Understanding Digital Signature And Public Key Infrastructure Overview The use of networked personnel computers (PC s) in enterprise environments and on the Internet is rapidly approaching the point where

More information

The Convergence of IT Security and Physical Access Control

The Convergence of IT Security and Physical Access Control The Convergence of IT Security and Physical Access Control Using a Single Credential to Secure Access to IT and Physical Resources Executive Summary Organizations are increasingly adopting a model in which

More information

Verfahren zur Absicherung von Apps. Dr. Ullrich Martini IHK, 4-12-2014

Verfahren zur Absicherung von Apps. Dr. Ullrich Martini IHK, 4-12-2014 Verfahren zur Absicherung von Apps Dr. Ullrich Martini IHK, 4-12-2014 Agenda Introducing G&D Problem Statement Available Security Technologies Smartcard Embedded Secure Element Virtualization Trusted Execution

More information

User Behaviour Analytics

User Behaviour Analytics User Behaviour Analytics How do they know its really you? White Paper Sept 2015 Ezmcom Inc. 4701 Patrick Henry Drive BLDG 7, Santa Clara, CA, 95054, US Executive Summary Authentication has traditionally

More information