Leveraging Authentication

Similar documents
Two-Factor Authentication over Mobile: Simplifying Security and Authentication

NC CJIN Governing Board. 13 October, George A. White

Multi-Factor Authentication of Online Transactions

Biometric SSO Authentication Using Java Enterprise System

Contents. Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008

age e Keith Glennan VP & CTO Northrop Grumman keith.glennan@ngc.com

Entrust Secure Web Portal Solution. Livio Merlo Security Consultant September 25th, 2003

Two-Factor Authentication

The Convergence of IT Security and Physical Access Control

Entrust IdentityGuard

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi

Securing Adobe PDFs. Adobe - Certified Document Services Registration Authority (RA) Training. Enterprise Security. ID Verification Services

User Authentication Guidance for IT Systems

The Convergence of IT Security and Physical Access Control

Arkansas Department of Information Systems Arkansas Department of Finance and Administration

Mobility, Security and Trusted Identities: It s Right In The Palm of Your Hands. Ian Wills Country Manager, Entrust Datacard

ADVANCE AUTHENTICATION TECHNIQUES

Multi-Factor Authentication Core User Policy and Procedures

ViSolve Open Source Solutions

The Benefits of an Industry Standard Platform for Enterprise Sign-On

Building Secure Multi-Factor Authentication

An Operational Architecture for Federated Identity Management

Intralinks Best Practices in Security: Risk-Based Multi-Factor Authentication

Multi-factor authentication

BIOMETRIC SOLUTIONS 2013 ISSUE

ProtectID. for Financial Services

Cybersecurity Practices of Ohio Investment Advisers; A Summary of Survey Responses

Software Token Security & Provisioning: Innovation Galore!

Mobile Identity: Improved Cybersecurity, Easier to Use and Manage than Passwords. Mika Devonshire Associate Product Manager

How Secure is your Authentication Technology?

White Paper 2 Factor + 2 Way Authentication to Criminal Justice Information Services. Table of Contents. 1. Two Factor and CJIS

Identity & Privacy Protection

Authentication Levels. White Paper April 23, 2014

Beyond passwords: Protect the mobile enterprise with smarter security solutions

Technical Safeguards is the third area of safeguard defined by the HIPAA Security Rule. The technical safeguards are intended to create policies and

What the Future of Online Banking Authentication Could Be

Defender Token Deployment System Quick Start Guide

2 factor + 2. Authentication. way

Multi-Factor Authentication for your Analytics Implementation. Siamak Ziraknejad VP, Product Management

A Conceptual Model of Practitioner Authentication Prior to Providing Telemedicine Services in Developing Countries

Strengthen security with intelligent identity and access management

REPORT. Next steps in cyber security

AUTHENTIFIERS. Authentify Authentication Factors for Constructing Flexible Multi-Factor Authentication Processes

A Method of Risk Assessment for Multi-Factor Authentication

DRAFT Pan Canadian Identity Management Steering Committee March 1, 2010

Strong Authentication: Enabling Efficiency and Maximizing Security in Your Microsoft Environment

Executive Summary P 1. ActivIdentity

esign Online Digital Signature Service

GOALS (2) The goal of this training module is to increase your awareness of HSPD-12 and the corresponding technical standard FIPS 201.

Secure VidyoConferencing SM TECHNICAL NOTE. Protecting your communications VIDYO

SECURING YOUR REMOTE DESKTOP CONNECTION

CHOOSING THE RIGHT PORTABLE SECURITY DEVICE. A guideline to help your organization chose the Best Secure USB device

Securely Yours LLC IT Hot Topics. Sajay Rai, CPA, CISSP, CISM

Multi-Factor Authentication Protecting Applications and Critical Data against Unauthorized Access

MAESON MAHERRY. 3 Factor Authentication and what it means to business. Date: 21/10/2013

TouchPay Enabling the Future of Payments. Concept Document Stadium Ticketing and Registration Solutions

Business Banking Customer Login Experience for Enhanced Login Security

Authentication. Authentication in FortiOS. Single Sign-On (SSO)

RSA SecurID Two-factor Authentication

EVALUATION GUIDE. Evaluating a Self-Service Password Reset Tool. Usability. The password reality

RSA SECURITY SOLUTIONS. Secure Mobile & Remote Access

Ulster University Standard Cover Sheet

CA Technologies Solutions for Criminal Justice Information Security Compliance

The Authentication Revolution: Phones Become the Leading Multi-Factor Authentication Device

Developing Secure Software in the Age of Advanced Persistent Threats

Strong Authentication for PIV and PIV-I using PKI and Biometrics

PCI Security Compliance

API-Security Gateway Dirk Krafzig

Department of Supply & Services (CIMS) RSA Web Express User Guide v1.2

How to login with the RSA Token?

DigitalPersona Pro Enterprise

The Current and Future Direction of Identity Assurance. A critical foundation for identity and access management solutions

Guide for Setting Up Your Multi-Factor Authentication Account and Using Multi-Factor Authentication. Mobile App Activation

solutions Biometrics integration

SAML for EPCS (Electronic Prescription of Controlled Substances)

Securing e-government Web Portal Access Using Enhanced Two Factor Authentication

WHITE PAPER Usher Mobile Identity Platform

Vendor Risk Assessment Questionnaire

End-User Manual. for. e-pramaan: A National e-authentication Service. Submitted to

Vidder PrecisionAccess

Whitepaper on AuthShield Two Factor Authentication with ERP Applications

3M Cogent, Inc. White Paper. Beyond. Wiegand: Access Control. in the 21st Century. a 3M Company

Establishing two-factor authentication with Barracuda NG Firewall and HOTPin authentication server from Celestix Networks

PINsafe Multifactor Authentication Solution. Technical White Paper

Minnesota State Colleges and Universities System Guideline Chapter 5 Administration

UNCITRAL United Nations Commission on International Trade Law Introduction to the law of electronic signatures

Transcription:

Leveraging Authentication Annual Workshop on Intelligence and National Security Cyber Security: Vulnerabilities at Home and Abroad October 28, 2009 Securing the Supply Chain Dennis McCallam Principal Architect, Security NGIS Technical Fellow Northrop Grumman

The authentication value proposition We must look for consistency. Where there is want of it we must suspect deception. http://www.sherylfranklin.com/sh-gillette.html Authentication Consistency All facets of the data seem to match (Joe is on vacation, not in the plant, not on the interior network, on the portal) Authentication Inconsistency Something is out of line (Joe is on vacation, not in the plant, on the interior network, not on the portal)

Variety in Authentication Token 13 th Century Today Name William Wmcleve2 Location William of York 111.17.20.2 Hard (Provisioned) Possession Medallion, sword, crest Soft Possession Password Password Appearance Hair/eye/height Facial scan Knowledge Secret Secret Provisioned laptop, key fob, BlackBerry Biometric Scar Retina, fingerprint Certification (3 rd party verification) Letter from king, with seal Medium assurance soft PKI certificate 3

Authentication Single factors Method/Artifact Self-registered User ID/Shared Password/User Id Biometric: no control on biometric initialization. IP Address Private Password associated with User ID Biometric: Trusted initialization local verification Site Key Biometric: Trusted initialization + central verification Trusted Medium assurance SW/ x.509 certificate One-time Password, Soft token RSA Hard token/pin Medium Assurance HW/x.509 Assurance Little or no trust Little or no trust Little or no trust Low Trust Low Trust Low Trust Medium Trust Medium Trust Medium Trust Strong Trust Strong Trust

Aggregation Results Strength and Resilience Aggregated Authentication Artifacts (examples) Active Directory Id and Password (AD/PW) Site key + AD/PW Enterprise medium assurance certificate + AD/PW (RSA) One Time Password + AD/PW Medium assurance certificate + pin +AD/PW Trusted medium assurance certificate + verified biometric + AD/PW Properly provisioned laptop + fingerprint + physical access

Provisioning: an Authentication Artifact Requires a vetted and certified trusted provisioning process User is vetted Provided with laptop serial #aa-tt, that is fingerprint enabled Certified/trusted examiner loads laptop TPM with user s fingerprint and locks it in User plugs into internal corporate network, swipes finger, is authentication no need for user id/password Why does this work? User was properly vetted by organization Laptop was specifically assigned to user Laptop only accessible by user and selected admins Fingerprint properly loaded and vetted serves as combination user id/password but is stronger Laptop is something you have and was specifically assigned to you (so it is something you have and to some degree something you know and are) Fingerprint is something you are

Government-industry partnership focused on mitigating risks related to compliance, complexity, cost and IT that are inherent in large-scale, collaborative programs that span national jurisdictions. To do international business, companies must balance the need to protect intellectual property (IP) while demonstrating willingness and ability to meet contractual requirements from government customers for auditable, identity-based, secure flows of information. Common Framework for Federated Collaboration Identity Management & Assurance: Data Protection: Facilitate Secure Collaboration:

Leveraging the A&D Supply chain Leverages business processes for the A&D Industry Reduced Supplier on boarding/network costs (benefit to both A&D and Supply Base) Accelerated time to value for supply chain management technology initiatives Enhanced Security through strong authentication Authenticated Assurance through access management TSCP TSCP A&D A&D Companies Companies discussing discussing Cost sharing for a supplier credential using TSCP specifications e.g. ECA s & Keyfobs Cost sharing for a supplier credential using TSCP specifications e.g. ECA s & Keyfobs

Thank you and any Questions?

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information