BehavioSec participation in the DARPA AA Phase 2
|
|
- Edwina Farmer
- 8 years ago
- Views:
Transcription
1 BehavioSec participation in the DARPA AA Phase 2 A case study of Behaviometrics authentication for mobile devices Distribution Statement A (Approved for Public Release, Distribution Unlimited) 1
2 This paper is an overview about BehavioSec s participation in DARPA s Active Authentication Program Phase 2 in 2013/
3 Contents Introduction... 4 DARPA s Active Authentication Program... 5 DARPA s Active Authentication Program Phase Trust Metrics... 6 DARPA s Active Authentication Program Phase Keyboard/keystroke... 7 Touch... 7 Work packages... 8 Working with CAC card
4 Introduction The word Behaviometrics derives from the terms behavioral and biometrics. Behavioral refers to the way a human person behaves and biometrics, in an information security context, refers to technologies and methods that measure and analyzes biological characteristics of the human body for authentication purposes; for example fingerprints, eye retina and voice patterns. In other words Behaviometrics, or behavioral biometrics, is a measurable behavior, used to recognize or verify the identity of a person. Behaviometrics focus on behavioral patterns rather than physical attributes. After a user is verified with traditional security techniques, such as passwords, Behaviometrics can enhance the protection even after the user has logged in. It can continuously monitor the user during the whole working session to create an ongoing authentication process. A biometric authentication system can check if a user is accepted into a system. If a user is accepted that should not be, it is called a false accept. If a user that should be accepted is not, it is called a false reject. The ratio between users that falsely attempts to enter and users falsely accepted, is called false accept rate (FAR). While the ratio between correct users being accepted and rejected is called false reject rate (FRR). A behavioral continuous authentication system uses a set of behavioral traits to calculate a similarity ratio between the current user s behavior and the expected. The similarity can be combined with a threshold, so that if the similarity drops below the set threshold, the user will be detected as an imposter. 4
5 DARPA s Active Authentication Program The current standard method for validating a user s identity for authentication on an information system requires humans to do something that is inherently unnatural: create, remember, and manage long, complex passwords. Moreover, as long as the session remains active, typical systems incorporate no mechanisms to verify that the user originally authenticated is the user still in control of the keyboard. Thus unauthorized individuals may improperly obtain extended access to information system resources if a password is compromised or if a user does not exercise adequate vigilance after initially authenticating at the console. The Active Authentication program seeks to address this problem by developing novel ways of validating the identity of the person at the console that focus on the unique aspects of the individual through the use of software based biometrics. Biometrics is defined as the characteristics used to uniquely recognize humans based on one or more intrinsic physical or behavioral traits. This program focuses on the behavioral traits that can be observed through how we interact with the world. Just as when you touch something your finger you leave behind a fingerprint, when you interact with technology you do so in a pattern based on how your mind processes information, leaving behind a cognitive fingerprint. The first phase of the program will focus on researching biometrics that do not require the installation of additional hardware sensors, rather the program will look for research on biometrics that can be captured through the technology we already use looking for aspects of this cognitive fingerprint. These could include, for example, how the user handles the mouse and how the user crafts written language in an or document. A heavy emphasis will be placed on validating any potential new biometrics with empirical tests to ensure they would be effective in large scale deployments. The later phases of the program will focus on developing a solution that integrates any available biometrics using a new authentication platform suitable for deployment on a standard a Department of Defense desktop or laptop. The combinatorial approach of using multiple modalities for continuous user identification and authentication is expected to deliver a system that is accurate, robust, and transparent to the user s normal computing experience. [1] [1] 5
6 DARPA s Active Authentication Program Phase 1 In phase one we used the behavioral data of 100 voluntary users for 3 months on standard windows office PCs, to extend current biometrical measurement definitions to better fit the unique characteristics of continuous behaviometrics. We sampled the following modalities: Fig 1. Modalities Trust Metrics To use the behavior of users for continuous authentication we decided to develop the concept of Trust. The trust is defined by Biometric systems have been defined by the US National Institute of Standards and Technology (NIST) as systems exploiting automated methods of recognizing a person based on physiological or behavioral characteristics 6
7 DARPA s Active Authentication Program Phase 2 Keyboard/keystroke We are looking for how a person is typing, not what a person is typing. We use keystroke dynamics (press, flight and sequence) and combine this with pressure, accelerometer and gyro information as well as the position of the touch on the pressed key. Touch For touch gestures we use all the available modalities of the touch, like distance and time travelled, as well as the points when entering or leaving measurement points together with the pressure. Start Stop 7
8 Work packages WP 2 Continuous Trust on Mobile Devices Realize a Continuous Authentication for mobile devices with our Trust Metrics from Phase 1 using: Keystroke dynamics Pressure Touch Gestures Accelerometer Gyro GPS WP 3 Differences of keystroke on mobile and desktop We study the possibility of reusing the information from profiles between desktop and mobile devices We compare the reliability of an user authentication for self-chosen vs. predetermined passwords WP 4 USMA metrics We plan to present different metric s according to the USMA metrics based on our data (FTE, FTA, FAR, FRR, EER, MTTE, MTTD, ROC) WP 5 Open Data Format We plan to propose an Open Data Format for interoperability for behaviometric data for keystroke dynamics, mouse movements, application usage and mobile modalities like Keystroke position, Pressure, Touch, Gyro, Accelerometer and GPS. WP 6 Gesture Based Input Model gestures to be used for authentication Fusion of gestures into our continuous trust system Stability of Predetermined and self-chosen gestures WP 7 PIN entry on mobile devices We are using data from anonymous users 4-8 digit pin to generate statistically significant results for user authentication. Differences between self-chosen and random PIN Results from gathered data will be presented showing the stability of user behavior for self-chosen and random PIN. Working with CAC card To show the possibility of tying a user to an issued credential, we intend to research, how this can be done on mobile devices using standard CAC card with NFC. 8
9 A temporary behavioral profile on the mobile would be generated This would be signed with the CAC card via NFC and encrypted using a supplied server key Send to server The server is decrypting the profile and checking the signature The server polls the user profile from the database, based on user signature The temporary profile of the user would be compared and based on the results a score trust value will be reported Workflow Temporary profile Secured with user specific CAC card Poll user profile, based on user credentials Compare to profile and maintain trust value 9
10 For more information please contact sales at BehavioSec, Jakobs torg 3, SE Stockholm, Sweden 10
Detecting Credit Card Fraud
Case Study Detecting Credit Card Fraud Analysis of Behaviometrics in an online Payment environment Introduction BehavioSec have been conducting tests on Behaviometrics stemming from card payments within
More informationThis method looks at the patterns found on a fingertip. Patterns are made by the lines on the tip of the finger.
According to the SysAdmin, Audit, Network, Security Institute (SANS), authentication problems are among the top twenty critical Internet security vulnerabilities. These problems arise from the use of basic
More informationUser Authentication Methods for Mobile Systems Dr Steven Furnell
User Authentication Methods for Mobile Systems Dr Steven Furnell Network Research Group University of Plymouth United Kingdom Overview The rise of mobility and the need for user authentication A survey
More informationKEYSTROKE DYNAMIC BIOMETRIC AUTHENTICATION FOR WEB PORTALS
KEYSTROKE DYNAMIC BIOMETRIC AUTHENTICATION FOR WEB PORTALS Plurilock Security Solutions Inc. www.plurilock.com info@plurilock.com 2 H IGHLIGHTS: PluriPass is Plurilock static keystroke dynamic biometric
More informationPersonal Identification Techniques Based on Operational Habit of Cellular Phone
Proceedings of the International Multiconference on Computer Science and Information Technology pp. 459 465 ISSN 1896-7094 c 2006 PIPS Personal Identification Techniques Based on Operational Habit of Cellular
More informationDARPA ACTIVE AUTHENTICATION PROGRAM: BEHAVIORAL BIOMETRICS
DARPA ACTIVE AUTHENTICATION PROGRAM: BEHAVIORAL BIOMETRICS Dr Neil Costigan BehavioSec Ingo Deutschmann BehavioSec Session ID: SEC-105 Session Classification: Intermediate Overview DARPA s Active Authentication
More informationTechnical Safeguards is the third area of safeguard defined by the HIPAA Security Rule. The technical safeguards are intended to create policies and
Technical Safeguards is the third area of safeguard defined by the HIPAA Security Rule. The technical safeguards are intended to create policies and procedures to govern who has access to electronic protected
More informationBiometrics is the use of physiological and/or behavioral characteristics to recognize or verify the identity of individuals through automated means.
Definition Biometrics is the use of physiological and/or behavioral characteristics to recognize or verify the identity of individuals through automated means. Description Physiological biometrics is based
More informationNFC & Biometrics. Christophe Rosenberger
NFC & Biometrics Christophe Rosenberger OUTLINE GREYC - E-payment & Biometrics Contactless transactions Biometric authentication Solutions Perspectives 2 GREYC Research Lab Research Group in Computer science,
More informationAuthentication Solutions Through Keystroke Dynamics
Objective: The objective of this paper is to provide a basic understanding of the biometric science of keystroke dynamics, and how BioPassword is using keystroke dynamics technology to deliver enterprise
More informationUser Authentication using Combination of Behavioral Biometrics over the Touchpad acting like Touch screen of Mobile Device
2008 International Conference on Computer and Electrical Engineering User Authentication using Combination of Behavioral Biometrics over the Touchpad acting like Touch screen of Mobile Device Hataichanok
More informationRole of Multi-biometrics in Usable Multi- Factor Authentication
Role of Multi-biometrics in Usable Multi- Factor Authentication Dr. Nalini K Ratha* IBM T.J. Watson Research Center Yorktown Heights, NY 10598 ratha@us.ibm.com *: In collaboration with colleagues from
More informationSecurity+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 10 Authentication and Account Management
Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 10 Authentication and Account Management Objectives Describe the three types of authentication credentials Explain what single sign-on
More informationDevice-Centric Authentication and WebCrypto
Device-Centric Authentication and WebCrypto Dirk Balfanz, Google, balfanz@google.com A Position Paper for the W3C Workshop on Web Cryptography Next Steps Device-Centric Authentication We believe that the
More informationHIPAA Security. 4 Security Standards: Technical Safeguards. Security Topics
HIPAA Security S E R I E S Security Topics 1. Security 101 for Covered Entities 2. Security Standards - Administrative Safeguards 3. Security Standards - Physical Safeguards 4. Security Standards - Technical
More informationEncryption as a Cloud Service provides the lowest TCO
Encryption as a Cloud Service provides the lowest TCO Alertsec offer Full Disk Encryption at half the total cost of ownership of on-premise solutions Contents Executive Summary... 3 The Costs of Encryption...
More informationSCB Access Single Sign-On PC Secure Logon
SCB Access Single Sign-On PC Secure Logon Manage all your passwords One smart card to access all your applications past & future Multi-factor authentication Dramatically increase your security Save $150
More informationIDRBT Working Paper No. 11 Authentication factors for Internet banking
IDRBT Working Paper No. 11 Authentication factors for Internet banking M V N K Prasad and S Ganesh Kumar ABSTRACT The all pervasive and continued growth being provided by technology coupled with the increased
More informationA Behavioral Biometric Approach Based on Standardized Resolution in Mouse Dynamics
370 IJCSNS International Journal of Computer Science and Network Security, VOL.9 No.4, April 2009 A Behavioral Biometric Approach Based on Standardized Resolution in Mouse Dynamics S.Benson Edwin Raj Assistant
More informationPHIN Systems Security and Two Factor Authentication. Raja Kailar, Ph.D. Senior Security Consultant, IRMO/CDC rok9@cdc.gov, kailar@bnetal.
PHIN Systems Security and Two Factor Authentication Raja Kailar, Ph.D. Senior Security Consultant, IRMO/CDC rok9@cdc.gov, kailar@bnetal.com Problem Description PHIN Collaborating partners, sharing public
More informationAUTHENTIFIERS. Authentify Authentication Factors for Constructing Flexible Multi-Factor Authentication Processes
AUTHENTIFIERS Authentify Authentication Factors for Constructing Flexible Multi-Factor Authentication Processes Authentify delivers intuitive and consistent authentication technology for use with smartphones,
More informationMobility, Security and Trusted Identities: It s Right In The Palm of Your Hands. Ian Wills Country Manager, Entrust Datacard
Mobility, Security and Trusted Identities: It s Right In The Palm of Your Hands Ian Wills Country Manager, Entrust Datacard WHO IS ENTRUST DATACARD? 2 Entrust DataCard Datacard Corporation. Corporation.
More informationDynamic Query Updation for User Authentication in cloud Environment
Dynamic Query Updation for User Authentication in cloud Environment Gaurav Shrivastava 1, Dr. S. Prabakaran 2 1 Research Scholar, Department of Computer Science, SRM University, Kattankulathur, Tamilnadu,
More informationThe Benefits of an Industry Standard Platform for Enterprise Sign-On
white paper The Benefits of an Industry Standard Platform for Enterprise Sign-On The need for scalable solutions to the growing concerns about enterprise security and regulatory compliance can be addressed
More informationStart Here. P5100 Fingerprint Reader. Quick Installation Guide. Verifi. IMPORTANT. This installation manual is for Windows 8.1.
Verifi P5100 Fingerprint Reader with ROBOFORM PASSWORD MANAGER STARTER Start Here IMPORTANT. This installation manual is for Windows 8.1 Quick Installation Guide Windows Logon About the Reader Proper Use
More informationBiometric Authentication using Online Signature
University of Trento Department of Mathematics Outline Introduction An example of authentication scheme Performance analysis and possible improvements Outline Introduction An example of authentication
More informationecommerce Stages of Authentication Dynamic Factor Authentication
ecommerce Stages of Authentication Dynamic Factor Authentication Card Data, name & Password MagnePrint Score card swipe Password Name Hardware authentication Mutual device authentication Single factor
More informationGuide to Evaluating Multi-Factor Authentication Solutions
Guide to Evaluating Multi-Factor Authentication Solutions PhoneFactor, Inc. 7301 West 129th Street Overland Park, KS 66213 1-877-No-Token / 1-877-668-6536 www.phonefactor.com Guide to Evaluating Multi-Factor
More informationApplication-Specific Biometric Templates
Application-Specific Biometric s Michael Braithwaite, Ulf Cahn von Seelen, James Cambier, John Daugman, Randy Glass, Russ Moore, Ian Scott, Iridian Technologies Inc. Introduction Biometric technologies
More informationAlternative authentication what does it really provide?
Alternative authentication what does it really provide? Steve Pannifer Consult Hyperion Tweed House 12 The Mount Guildford GU2 4HN UK steve.pannifer@chyp.com Abstract In recent years many new technologies
More informationStart Here. P5100 Fingerprint Reader. Quick Installation Guide. Verifi. IMPORTANT. This product must be used with Windows 7 or 8.
Verifi P5100 Fingerprint Reader with ROBOFORM PASSWORD MANAGER STARTER Start Here IMPORTANT. This product must be used with Windows 7 or 8. Quick Installation Guide Windows Logon About the Reader Proper
More informationXYPRO Technology Brief: Stronger User Security with Device-centric Authentication
Ken Scudder Senior Director Business Development & Strategic Alliances XYPRO Technology Talbot A. Harty CEO DeviceAuthority XYPRO Technology Brief: Stronger User Security with Device-centric Authentication
More informationBehavioral biometrics fordarpa's active authentication program
Behavioral biometrics fordarpa's active authentication program Ingo Deutschmann, Johan Lindholm Research &Development Behaviometrics AB AurorumScience Park8 SE-977 75 Lulea ideutschmann@behaviosec.com,
More informationSecure communications via IdentaDefense
Secure communications via IdentaDefense How vulnerable is sensitive data? Communication is the least secure area of digital information. The many benefits of sending information electronically in a digital
More informationContinuous Biometric User Authentication in Online Examinations
2010 Seventh International Conference on Information Technology Continuous Biometric User Authentication in Online Examinations Eric Flior, Kazimierz Kowalski Department of Computer Science, California
More informationAn Analysis of Keystroke Dynamics Use in User Authentication
An Analysis of Keystroke Dynamics Use in User Authentication Sam Hyland (0053677) Last Revised: April 7, 2004 Prepared For: Software Engineering 4C03 Introduction Authentication is an important factor
More informationCSC 474 -- Network Security. User Authentication Basics. Authentication and Identity. What is identity? Authentication: verify a user s identity
CSC 474 -- Network Security Topic 6.2 User Authentication CSC 474 Dr. Peng Ning 1 User Authentication Basics CSC 474 Dr. Peng Ning 2 Authentication and Identity What is identity? which characteristics
More informationIDENTITY-AS-A-SERVICE IN A MOBILE WORLD. Cloud Management of Multi-Modal Biometrics
IDENTITY-AS-A-SERVICE IN A MOBILE WORLD Cloud Management of Multi-Modal Biometrics ImageWare Systems, Inc. Headquarters in San Diego, CA Offices worldwide (US, Canada, Germany, Mexico) Over 15 years of
More informationIs the Device User the Device Owner? A paper prepared for Biometrics UnPlugged: Mobility Rules Executive Summit - Tampa Monday, September 16, 2013
Is the Device User the Device Owner? A paper prepared for Biometrics UnPlugged: Mobility Rules Executive Summit - Tampa Monday, September 16, 2013 Rod Beatson President, Transaction Security, Inc. Rod.Beatson@crypto-sign.com
More informationMeeting the FDA s Requirements for Electronic Records and Electronic Signatures (21 CFR Part 11)
Meeting the FDA s Requirements for Electronic Records and Electronic Signatures (21 CFR Part 11) Executive Summary...3 Background...4 Internet Growth in the Pharmaceutical Industries...4 The Need for Security...4
More informationADVANCE AUTHENTICATION TECHNIQUES
ADVANCE AUTHENTICATION TECHNIQUES Introduction 1. Computer systems and the information they store and process are valuable resources which need to be protected. With the current trend toward networking,
More informationAssignment 1 Biometric authentication
Assignment 1 Biometric authentication Internet Security and Privacy Alexandre Fustier Vincent Burger INTRODUCTION:...3 I. TYPES AND DESCRIPTION OF BIOMETRICS...4 1. PHYSIOLOGICAL BIOMETRIC...4 a. Fingerprints...4
More informationAdvanced Authentication
White Paper Advanced Authentication Introduction In this paper: Introduction 1 User Authentication 2 Device Authentication 3 Message Authentication 4 Advanced Authentication 5 Advanced Authentication is
More informationImplementation of Operator Authentication Processes on an Enterprise Level. Mark Heard Eastman Chemical Company
Implementation of Operator Authentication Processes on an Enterprise Level Mark Heard Eastman Chemical Company Presenter Mark Heard, Eastman Chemical Company Control System Engineer Experience with several
More informationDigital identity: Toward more convenient, more secure online authentication
Digital identity: Toward more convenient, more secure online authentication For more than four decades, the familiar username/password method has been the basis for authentication when accessing computer-based
More informationKnowledge Based Authentication (KBA) Metrics
Knowledge Based Authentication (KBA) Metrics Santosh Chokhani, Ph.D. February, 2004 Background Model for KBA Issues and Considerations Practical Usage of KBA Metrics for KBA Applicability to U.S. Government
More informationSignature Verification Why xyzmo offers the leading solution.
Dynamic (Biometric) Signature Verification The signature is the last remnant of the hand-written document in a digital world, and is considered an acceptable and trustworthy means of authenticating all
More informationPROTECTING SYSTEMS AND DATA PASSWORD ADVICE
PROTECTING SYSTEMS AND DATA PASSWORD ADVICE DECEMBER 2012 Disclaimer: Reference to any specific commercial product, process or service by trade name, trademark, manufacturer, or otherwise, does not constitute
More informationBiometric Authentication using Online Signatures
Biometric Authentication using Online Signatures Alisher Kholmatov and Berrin Yanikoglu alisher@su.sabanciuniv.edu, berrin@sabanciuniv.edu http://fens.sabanciuniv.edu Sabanci University, Tuzla, Istanbul,
More informationFramework for Biometric Enabled Unified Core Banking
Proc. of Int. Conf. on Advances in Computer Science and Application Framework for Biometric Enabled Unified Core Banking Manohar M, R Dinesh and Prabhanjan S Research Candidate, Research Supervisor, Faculty
More informationEnhanced Cloud Security through KFAC
Enhanced Cloud Security through KFAC Mahesh S Darak, Dr. N. K. Deshmukh Assistant Professor, School of Computational Sciences, S. R. T. M. University, Nanded, Maharashtra, India ABSTRACT: The current era
More informationMeasuring Performance in a Biometrics Based Multi-Factor Authentication Dialog. A Nuance Education Paper
Measuring Performance in a Biometrics Based Multi-Factor Authentication Dialog A Nuance Education Paper 2009 Definition of Multi-Factor Authentication Dialog Many automated authentication applications
More informationMulti-Factor Authentication Core User Policy and Procedures
Multi-Factor Authentication Core User Policy and Procedures Core Users with access to other people s sensitive or restrictive information must use one-time passwords (OTP) generated from approved fobs
More informationEnterprise Single Sign-On City Hospital Cures Password Pain. Stephen Furstenau Operations and Support Director Imprivata, Inc. www.imprivata.
Enterprise Single Sign-On City Hospital Cures Password Pain Stephen Furstenau Operations and Support Director Imprivata, Inc. www.imprivata.com Application Security Most organizations could completely
More informationWHITE PAPER Usher Mobile Identity Platform
WHITE PAPER Usher Mobile Identity Platform Security Architecture For more information, visit Usher.com info@usher.com Toll Free (US ONLY): 1 888.656.4464 Direct Dial: 703.848.8710 Table of contents Introduction
More informationSecurity Model in E-government with Biometric based on PKI
Security Model in E-government with Biometric based on PKI Jaafar.TH. Jaafar Institute of Statistical Studies and Research Department of Computer and Information Sciences Cairo, Egypt Nermin Hamza Institute
More informationInternational Journal of Innovative Research in Computer and Communication Engineering
Authentication System for Online Banking Application by Using Keystroke Dynamic on Android Phones Dnyaneshwari S. Dhundad, Prof. D. N. Rewadkar Post Graduate Student, Dept. of Computer Engineering, RMD
More informationSecuring e-government Web Portal Access Using Enhanced Two Factor Authentication
Securing e-government Web Portal Access Using Enhanced Two Factor Authentication Ahmed Arara 1, El-Bahlul Emhemed Fgee 2, and Hamdi Ahmed Jaber 3 Abstract This paper suggests an advanced two-factor authentication
More informationFIDO Trust Requirements
FIDO Trust Requirements Ijlal Loutfi, Audun Jøsang University of Oslo Mathematics and Natural Sciences Faculty NordSec 2015,Stockholm, Sweden October, 20 th 2015 Working assumption: End Users Platforms
More informationPTE ACADEMIC www.pearsonpte.com SECURE
PTE ACADEMIC www.pearsonpte.com We believe fair tests should be as secure as possible Cheating is unfair and undermines the efforts of the honest majority. We believe PTE Academic is the most secure test
More informationTwo-Factor Authentication and Swivel
Two-Factor Authentication and Swivel Abstract This document looks at why the username and password are no longer sufficient for authentication and how the Swivel Secure authentication platform can provide
More informationDriveLock and Windows 7
Why alone is not enough CenterTools Software GmbH 2011 Copyright Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise
More informationAnalysis of Multimodal Biometric Fusion Based Authentication Techniques for Network Security
, pp. 239-246 http://dx.doi.org/10.14257/ijsia.2015.9.4.22 Analysis of Multimodal Biometric Fusion Based Authentication Techniques for Network Security R.Divya #1 and V.Vijayalakshmi #2 #1 Research Scholar,
More informationACER ProShield. Table of Contents
ACER ProShield Table of Contents Revision History... 3 Legal Notices... 4 Executive Summary... 5 Introduction... 5 Protection against unauthorized access... 6 Why ACER ProShield... 7 ACER ProShield...
More informationMathematical Model Based Total Security System with Qualitative and Quantitative Data of Human
Int Jr of Mathematics Sciences & Applications Vol3, No1, January-June 2013 Copyright Mind Reader Publications ISSN No: 2230-9888 wwwjournalshubcom Mathematical Model Based Total Security System with Qualitative
More informationMobile Device Management:
Mobile Device Management: A Risk Discussion for IT Decision Makers Mobile Device Management (MDM) software provides IT organizations with security-relevant capabilities that support the integration of
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition Chapter 8 Authentication
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 8 Authentication Objectives Define authentication Describe the different types of authentication credentials List and explain the
More informationAlliance AES Key Management
Alliance AES Key Management Solution Brief www.patownsend.com Patrick Townsend Security Solutions Criteria for selecting a key management solution for the System i Key Management is as important to your
More informationUser Behaviour Analytics
User Behaviour Analytics How do they know its really you? White Paper Sept 2015 Ezmcom Inc. 4701 Patrick Henry Drive BLDG 7, Santa Clara, CA, 95054, US Executive Summary Authentication has traditionally
More informationHIPAA Security Alert
Shipman & Goodwin LLP HIPAA Security Alert July 2008 EXECUTIVE GUIDANCE HIPAA SECURITY COMPLIANCE How would your organization s senior management respond to CMS or OIG inquiries about health information
More informationManaged Portable Security Devices
Managed Portable Security Devices www.mxisecurity.com MXI Security leads the way in providing superior managed portable security solutions designed to meet the highest security and privacy standards of
More informationSpanish Certification Body. Challenges on Biometric Vulnerability Analysis on Fingerprint Devices. New. Technical Manager September 2008
Spanish Certification Body New Challenges on Biometric Vulnerability Analysis on Fingerprint Devices Technical Manager September 2008 Contents Introduction: Biometric Technology Security Evaluation New
More informationAuthentication Levels. White Paper April 23, 2014
Summary White Paper April 23, 2014 This document describes levels of authentication that can be utilized for users known and unknown to gain access to applications and solutions. Summary... 1 Description...
More informationMay 2010. For other information please contact:
access control biometrics user guide May 2010 For other information please contact: British Security Industry Association t: 0845 389 3889 f: 0845 389 0761 e: info@bsia.co.uk www.bsia.co.uk Form No. 181.
More informationHIPAA: MANAGING ACCESS TO SYSTEMS STORING ephi WITH SECRET SERVER
HIPAA: MANAGING ACCESS TO SYSTEMS STORING ephi WITH SECRET SERVER With technology everywhere we look, the technical safeguards required by HIPAA are extremely important in ensuring that our information
More informationFFIEC CONSUMER GUIDANCE
FFIEC CONSUMER GUIDANCE Important Facts About Your Account Authentication Online Banking & Multi-factor authentication and layered security are helping assure safe Internet transactions for banks and their
More informationFrench Justice Portal. Authentication methods and technologies. Page n 1
French Justice Portal Authentication methods and technologies n 1 Agenda Definitions Authentication methods Risks and threats Comparison Summary Conclusion Appendixes n 2 Identification and authentication
More informationTNC is an open architecture for network access control. If you re not sure what NAC is, we ll cover that in a second. For now, the main point here is
1 2 This slide shows the areas where TCG is developing standards. Each image corresponds to a TCG work group. In order to understand Trusted Network Connect, it s best to look at it in context with the
More informationWHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS
WHITEPAPER SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS EXECUTIVE OVERVIEW 2-Factor as a Service (2FaaS) is a 100% cloud-hosted authentication solution that offers flexible security without compromising user
More informationGOALS (2) The goal of this training module is to increase your awareness of HSPD-12 and the corresponding technical standard FIPS 201.
PERSONAL IDENTITY VERIFICATION (PIV) OVERVIEW INTRODUCTION (1) Welcome to the Homeland Security Presidential Directive 12 (HSPD-12) Personal Identity Verification (PIV) Overview module, designed to familiarize
More informationwww.rohos.com Two-factor authentication Free portable encryption for USB drive Hardware disk encryption Face recognition logon
Two-factor authentication Free portable encryption for USB drive Hardware disk encryption Face recognition logon Secure Windows and Mac login by USB key www.rohos.com Rohos Logon Key Secure two-factor
More informationMANAGED FILE TRANSFER: 10 STEPS TO HIPAA/HITECH COMPLIANCE
WHITE PAPER MANAGED FILE TRANSFER: 10 STEPS TO HIPAA/HITECH COMPLIANCE 1. OVERVIEW Do you want to design a file transfer process that is secure? Or one that is compliant? Of course, the answer is both.
More informationVoice Authentication for ATM Security
Voice Authentication for ATM Security Rahul R. Sharma Department of Computer Engineering Fr. CRIT, Vashi Navi Mumbai, India rahulrsharma999@gmail.com Abstract: Voice authentication system captures the
More informationBiometric Security: Client-Server Systems. Mira LaCous VP Technology & Development BIO-key International, Inc. 651-789-6117 Mira.LaCous@bio-key.
Biometric Security: Client-Server Systems Mira LaCous VP Technology & Development BIO-key International, Inc. 651-789-6117 Mira.LaCous@bio-key.com The Session Private vs Public / Personal vs Public Forms
More informationPowering Security and Easy Authentication in a Multi-Channel World
Powering Security and Easy Authentication in a Multi-Channel World Archit Lohokare Global Product Manager IBM Security Systems 1 2012 IBM Corporation IBM Security Systems division is one of the largest
More informationSecurity Levels for Web Authentication using Mobile Phones
Security Levels for Web Authentication using Mobile Phones Anna Vapen and Nahid Shahmehri Department of computer and information science Linköpings universitet, SE-58183 Linköping, Sweden {annva,nahsh}@ida.liu.se
More informationSmart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi
Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Purpose This paper is intended to describe the benefits of smart card implementation and it combination with Public
More informationDA-70702 BIOMETRIC FINGERPRINT READER 2,5" HDD ENCLOSURE User Manual
DA-70702 BIOMETRIC FINGERPRINT READER 2,5" HDD ENCLOSURE User Manual System Requirements System Requirements Recommended Pentium II or higher or other compatible machines. Recommended RAM of at least 128
More informationIdentity Management: Key Technologies
Identity Management: Key Technologies Michael Huth imperial.ac.uk/quads Page 1 Key Concepts Subjects: agents that can request access to resources, e.g. you or Microsoft Word Subjects get access by claiming
More informationAuthentication Scheme for ATM Based On Biometric K. Kavitha, II-MCA IFET COLLEGE OF ENGINEERING DEPARTMENT OF COMPUTER APPLICATIONS
Authentication Scheme for ATM Based On Biometric K. Kavitha, II-MCA IFET COLLEGE OF ENGINEERING DEPARTMENT OF COMPUTER APPLICATIONS ABSTRACT: Biometrics based authentication is a potential candidate to
More information2. Each server or domain controller requires its own server certificate, DoD Root Certificates and enterprise validator installed.
Purpose and Scope The purpose of this policy is to define the roles and responsibilities on implementing the Homeland Security Presidential Directive 12 (HSPD-12) Logical Access Control (LAC) throughout
More informationBiometrics and Cyber Security
Biometrics and Cyber Security Key Considerations in Protecting Critical Infrastructure Now and In The Future Conor White, Chief Technology Officer, Daon Copyright Daon, 2009 1 Why is Cyber Security Important
More informationBiometrics: Advantages for Employee Attendance Verification. InfoTronics, Inc. Farmington Hills, MI
Biometrics: Advantages for Employee Attendance Verification InfoTronics, Inc. Farmington Hills, MI Biometric technology offers advanced verification for employees in every industry. Because biometric systems
More informationModern Mobile Resource Management Solutions
Modern Mobile Resource Management Solutions Because we believe that contractors need differing options to choose from AboutTime created WorkMax. Whether you want On-Premise software or Software served
More informationGlossary of Key Terms
and s Branch Glossary of Key Terms The terms and definitions listed in this glossary are used throughout the s Package to define key terms in the context of. Access Control Access The processes by which
More informationHuman Factors in Information Security
University of Oslo INF3510 Information Security Spring 2014 Workshop Questions Lecture 2: Security Management, Human Factors in Information Security QUESTION 1 Look at the list of standards in the ISO27000
More informationVulnerability Management Policy
Vulnerability Management Policy Policy Statement Computing devices storing the University s Sensitive Information (as defined below) or Mission-Critical computing devices (as defined below) must be fully
More informationSuccessful Enterprise Single Sign-on Addressing Deployment Challenges
Successful Enterprise Single Sign-on Addressing Deployment Challenges 2015 Hitachi ID Systems, Inc. All rights reserved. Contents 1 Introduction 1 2 Background: User Problems with Passwords 2 3 Approaches
More informationPRIVACY AND DATA SECURITY MODULE
"This project has been funded under the fourth AAL call, AAL-2011-4. This publication [communication] reflects the views only of the author, and the Commission cannot be held responsible for any use which
More informationElectronic Prescribing of Controlled Substances: Establishing a Secure, Auditable Chain of Trust
Electronic Prescribing of Controlled Substances: Establishing a Secure, Auditable Chain of Trust Imprivata Confirm ID and the DEA Interim Final Rule on EPCS Technology requirements to comply with the DEA
More information