Many personal devices have a rich set of capabilities: sensors, communication, computing power and data storage, and they are personal. Potentially they.

Presentation transcript:

Many personal devices have a rich set of capabilities: sensors, communication, computing power and data storage, and they are personal. Potentially they can aid their owners in performing authentication and securing communication. (User friendliness) + (Security) + ?

[Diagram: Server, Terminal, User, smartcard. Labels: (password, key); password, biometric; Key, location info.]

1. Personal device is trusted. Terminal is untrusted (public kiosk).
2. 2-factor authentication.
3. Personal device is honest but it can be lost (cannot store sensitive data).

[Diagram: Server, Terminal, User, smartcard. Labels: (password, key); password; biometric; Key, location info.]

Personal device to verify that the kiosk has only loaded trustworthy software.

S. Garriss, R. Caceres, S. Berger, R. Sailer, L. Doorn, X. Zhang. Trustworthy and Personalized Computing on Public kiosk, MobiSys08.

[Diagram: Server, Terminal (TPM), User.]

A. Oprea, D. Balfanz, G. Durfee and K.K. Smetters, Remote Terminal Application with a Mobile Trusted Device, ACSAC04.

[Diagram: Server, Terminal, User. Labels: tunnel connection.]

Personal device as OTP token.

Oct 1, 2010

Monetary Authority of Singapore expects banks to implement two-factor authentication at login in Internet Banking.

[Diagram: Server, Terminal, User. Labels: (password, key); password; Key.]

Using an out-of-band channel. Mobile authentication.

Can be made secure, but difficult to use.

[Diagram: Server, Terminal, User. Labels: sms (text message); password; (password, OTP); OTP.]

Using OCR to verify the messages and their signature.

D.E. Clarke, B. Gassend, T. Kotwal, M. Burnside, M. Dijk, S. Devadas, and R.L. Rivest. The untrusted computer problem and camera-based authentication. International Conf. on Pervasive Computing, 2002.

[Diagram: Server, Internet, Terminal, User. Labels: key; visual channel.]

R. Sharp, J. Scott, A. Beresford, Secure Mobile Computing via Public Terminals. International Conference on Pervasive Computing, 2006.

[Diagram: Server, Internet, Terminal, User. Labels: key. Image from [Sharp2006].]

C. Fang, E.C. Chang, Securing Interactive Sessions Using Mobile Device through Visual Channel and Visual Inspection, ACSAC.

[Diagram: Server, Internet, Terminal, User. Labels: key, password; key; visual channel; password. On-screen table columns: Date, account, remark, amount.]

[Diagram: Server, User, smartcard, Terminal. Labels: key; Key.]

[Diagram: Server, User, Terminal. Labels: key, password; Key; password.]

k = H(Key, biometric). The biometric data are not stored in the server.

[Diagram: Server, User, Terminal. Labels: (k); biometric.]

Technical challenges in using biometric data: They are noisy. The key extracted by the cryptographic secure hash has to be consistent even under noise!

– Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: How to generate strong keys from biometrics and other noisy data, EUROCRYPT
– Linnartz, J.-P.M.G., Tuyls, P., New shielding functions to enhance privacy and prevent misuse of biometric templates. AVBPA 2003
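The following is an added example, not taken from the slides or the cited papers: a toy code-offset sketch showing how k = H(Key, biometric) can stay consistent when the biometric reading is noisy. The repetition code, HMAC-SHA256 as H, the function names and the sample bit strings are all assumptions chosen for illustration; a real fuzzy extractor uses a stronger error-correcting code and accounts for the information the helper data leaks.

```python
import hashlib
import hmac
import secrets

R = 5  # repetition factor (assumed): each 5-bit block tolerates up to 2 flips

def _encode(bits):
    """Repetition code: repeat every bit R times."""
    return [b for b in bits for _ in range(R)]

def _decode(bits):
    """Majority vote over each block of R bits."""
    return [int(sum(bits[i:i + R]) > R // 2) for i in range(0, len(bits), R)]

def _xor(a, b):
    return [x ^ y for x, y in zip(a, b)]

def derive(device_key, reading):
    """k = H(Key, biometric), instantiated here as HMAC-SHA256."""
    return hmac.new(device_key, bytes(reading), hashlib.sha256).digest()

def enroll(device_key, reading):
    """Return (helper, k). helper is the reading masked by a random codeword."""
    if len(reading) % R:
        raise ValueError("reading length must be a multiple of R")
    secret = [secrets.randbelow(2) for _ in range(len(reading) // R)]
    helper = _xor(reading, _encode(secret))
    return helper, derive(device_key, reading)

def reproduce(device_key, noisy, helper):
    """Correct a noisy reading back to the enrolled one, then derive k."""
    if len(noisy) != len(helper):
        raise ValueError("reading and helper data differ in length")
    # noisy XOR helper = codeword XOR error pattern; decoding removes the errors.
    codeword = _encode(_decode(_xor(noisy, helper)))
    return derive(device_key, _xor(helper, codeword))

# Constructed sample data: a 40-bit "biometric" and a re-scan with 3 bit errors.
DEVICE_KEY = b"constructed-device-key"
ENROLLED = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1] * 4
RESCAN = list(ENROLLED)
for i in (2, 17, 33):
    RESCAN[i] ^= 1
```

Hashing the re-scan directly gives a different key from enrollment, while `reproduce` with the helper data returns the enrolled key as long as no 5-bit block has more than two errors.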

We can use the computing power of personal device to enhance security. Can location information help?