1 Pascal URIEN, IETF 61th, Washington DC, 10th November 2004 draft-urien-eap-smartcard-06.txt “EAP-Support in Smartcard”

Slides:

Advertisements

Similar presentations

Lecture 6 User Authentication (cont)

Advertisements

Slide 1/7 03/17/03 56th IETF San Francisco CA, March 16-21, 2003 “EAP support in smartcards” My name is Pascal Urien, ENST Draft-urien-EAP-smartcard-01.txt.

PNFS, 61 th IETF, DC1 pNFS: Requirements 61 th IETF – DC November 10, 2004.

SPEKE S imple Password-authenticated Exponential Key Exchange Robert Mol Phoenix Technologies.

1 Pascal URIEN, IETF 61th, Washington DC, 10th November 2004 “draft-urien-eap-smartcard-type-00.txt” EAP Smart Card Protocol (EAP-SC)

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

Chapter 1 – Introduction

Windows Vista And Longhorn Server PKI Enhancements Avi Ben-Menahem Lead Program Manager Windows Security Microsoft Corporation.

Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,

802.1x EAP Authentication Protocols

IEEE Wireless Local Area Networks (WLAN’s).

Securing Data Storage Protecting Data at Rest Advanced Systems Group Dell Computer Asia Ltd.

Henric Johnson1 Network Security /. 2 Outline Attacks, services and mechanisms Security attacks Security services Methods of Defense A model for Internetwork.

Master Thesis Proposal By Nirmala Bulusu Advisor – Dr. Edward Chow Implementation of Protected Extensible Protocol (PEAP) – An IEEE 802.1x wireless LAN.

Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.

Windows 2003 and 802.1x Secure Wireless Deployments.

Bill Gates’ RSA 2006 Keynote presentation Questions and answers.

Slide 1/8 07/17/03 EAP 57th IETF WIEN, Austria, July 13-18, 2003 “EAP support in smartcards” Pascal Urien & All ENST Draft-urien-EAP-smartcard-02.txt.

LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.

Comparative studies on authentication and key exchange methods for wireless LAN Authors: Jun Lei, Xiaoming Fu, Dieter Hogrefe and Jianrong Tan Src:

1 /10 Pascal URIEN, IETF 69 th, Monday July 23 rd Chicago, IL, USA draft-urien-16ng-security-api-00.txt Security API for the IEEE Security Sublayer.

Eugene Chang EMU WG, IETF 70

Solutions for Secure and Trustworthy Authentication Ramesh Kesanupalli

EMU BOF EAP Method Requirements Bernard Aboba Microsoft Thursday, November 10, 2005 IETF 64, Vancouver, CA.

1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.

1 /10 Pascal URIEN, IETF 66 h, Wednesday July 12 th,Montreal, Canada draft-urien-badra-eap-tls-identity-protection-00.txt

Slide 1/4 03/29/ rd IETF Paris, France, March 25-30, 2012 “EAP support in smartcards” draft-urien-eap-smartcard-22.txt.

Module 8: Designing Security for Authentication. Overview Creating a Security Plan for Authentication Creating a Design for Security of Authentication.

1 University of Palestine Information Security Principles ITGD 2202 Ms. Eman Alajrami 2 nd Semester

PAWS: Security Considerations Yizhuang WU, Yang CUI PAWS WG

Ingredients of Information Security. - Who has access the asset? - Is the asset correct? - Is the asset accessible? …uncorrupted? …authentic?

Traditional Security Issues Confidentiality –Prevent unauthorized access or reading of information Integrity –Insure that writing or operations are allowed.

Pascal Urien Slide 1/6 55th IETF Atlanta, GA, November 17-21, 2002 “EAP support in smartcards” My name is Pascal Urien Draft-urien-EAP-smartcard-00.txt.

1 Pascal URIEN, IETF 63th Paris, France, 2nd August 2005 “draft-urien-eap-smartcard-type-02.txt” EAP Smart Card Protocol (EAP-SC)

Emu wg, IETF 70 Steve Hanna, EAP-TTLS draft-funk-eap-ttls-v0-02.txt draft-hanna-eap-ttls-agility-00.txt emu wg, IETF 70 Steve Hanna,

Doc.: IEEE /303 Submission May 2001 Simon Blake-Wilson, CerticomSlide 1 EAP-TLS Alternative for Security Simon Blake-Wilson Certicom.

COEN 351 Authentication. Authentication is based on What you know Passwords, Pins, Answers to questions, … What you have (Physical) keys, tokens, smart-card.

Cryptography and Network Security Chapter 1. Background  Information Security requirements have changed in recent times  traditionally provided by physical.

KAIS T Comparative studies on authentication and key exchange methods for wireless LAN Jun Lei, Xiaoming Fu, Dieter Hogrefe, Jianrong Tan Computers.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

TEE: TLS Authentication Using EAP draft-nir-tls-eap-02.txt Yoav Nir Yaron Sheffer (presenter) Hannes Tschofenig Peter Gutmann IETF-70, Vancouver, Dec.

Information Systems Design and Development Security Precautions Computing Science.

Wireless Security - Encryption Joel Jaeggli For AIT Wireless and Security Workshop.

Manuel Brugnoli, Elisa Heymann UAB

Module Overview Installing and Configuring a Network Policy Server

Security Issues.

A Wireless LAN Security Protocol

Radius, LDAP, Radius used in Authenticating Users

Module 8: Securing Network Traffic by Using IPSec and Certificates

58th IETF Minneapolis, MN, November 9-14, “EAP support in smartcards”

IETF-70 EAP Method Update (EMU)

BY GAWARE S.R. DEPT.OF COMP.SCI

The Tunneled Extensible Authentication Method (TEAM)

Security in Networking

Secure Authentication System for Public WLAN Roaming

Building hardware-based security with a Trusted Platform Module (TPM)

Server-to-Client Remote Access and DirectAccess

My name is Pascal Urien, ENST

55th IETF Atlanta, GA, November 17-21, “EAP support in smartcards”

Strong Password Authentication Protocols

Mutual Authentication

IoT Security – fel vagyunk rá készülve?

K!M SAA LOGICAL SECURITY Strong Adaptive Authentication

Securing Windows 7 Lesson 10.

Module 8: Securing Network Traffic by Using IPSec and Certificates

Module 2 OBJECTIVE 14: Compare various security mechanisms.

Security Activities in IETF in support of Mobile IP

COEN 351 Authentication.

Virtual Private Networks (VPN)

Computer Security (Summary)

Presentation transcript:

1 Pascal URIEN, IETF 61th, Washington DC, 10th November 2004 draft-urien-eap-smartcard-06.txt “EAP-Support in Smartcard”

2 Pascal URIEN, IETF 61th, Washington DC, 10th November 2004 Goals & News Main features EAP methods are securely processed by ISO 7816 smartcards. Smartcards MAY embed multiple methods with various EAP-types and credentials. Smartcards MAY simultaneously process several EAP methods. A method working with smartcards requires a smartcard (software) interface. According to the method complexity, this interface MAY manage some resources, like for example the GMT time used in the EAP-TLS protocol. What is new in draft version 6 EAP-TLS support.

3 Pascal URIEN, IETF 61th, Washington DC, 10th November 2004 EAP Smart Cards and EAP-TLS Security Claims Mutual Authentication Mutual authentication is enhanced by use of true random number generator (client side) Confidentiality Record Layer and Handshake Protocol are handled by a tamper resistant device. Key Derivation PRF function is securely computed in Smart Card. Man-in-the-Middle Attacks Smart Cards improve security against Trojan Horse attacks by providing a logically tamper resistant environment for the full implementation of EAP-TLS method. Dictionary Attacks Smart Cards access is protected via pin codes with a limited number of retries; permanent blocking of the device is enforced when the number of retries is exceeded. This mechanism provides enhanced protection against dictionary attacks aiming at discovering passwords. Protection Against Rogue Networks Smart Cards provide secure storage of root certificates of trusted networks. This protects the end user against rogue networks and enables the enforcement of network roaming policies.