A Secure National ID Card (Mon. December 3, 2001). Group 8: Chris Marinak, Mike Cuvelier, Adam Sowers, Saud Bangash.

Presentation transcript:

1 A Secure National ID Card
Mon. December 3, 2001
Group 8: Chris Marinak, Mike Cuvelier, Adam Sowers, Saud Bangash

2 Outline
Why do we need a national identity card?
Brief background / history
How our design works
Security vs. Privacy
Questions

3 The Problem…
Lots of people wish they could be Dave Evans

4 The Problem…
Naturally, there are many imposters

5 The Solution
A standard national identification card with biometric data
All citizens and immigrants will be required to have an ID card
Use will be mandatory in various critical locations
Card readers have connection to general authorization database

6 Background
More than 100 other nations have a national ID system
  – Most European Nations
Nothing has ever materialized in the United States
  – Closest was 1996 Immigration Bill
Recent Congressional Hearings

7 The Basic Goal
To establish a system that can accurately verify a person is who they say they are
???

8 System Requirements
Card can securely hold personal identification information
System of readers can be used to verify cardholder matches card data
  – Airports
  – Firearms background check, etc.
Central database maintains a list of flags for each person

9 System Requirements
Readers and database can securely communicate
Government agencies can securely access the database flags
  – Wanted criminal
  – Suspected terrorist, etc.
A nationwide network to support communication (public or private)

10 Infrastructure
This system will be very expensive to create (~ $3 Bil.) and maintain (???)
  – Communication network
  – Cards
  – Card Readers
  – Card Makers
  – Maintenance and Support Personnel

11 System Design
[Diagram labels: Card Reader, Gov't Database, Card Maker, FBI, NSA, CIA, …]

12 Levels of Security
Low security – face of card
  – Basic identification information (photo, address, DOB, …)
  – Used at bars, banks, etc.
High security – smart card
  – Holds similar information, but also stores thumbprint and voice print.

13 Security Implementation
Card
  – The card data is encrypted with private key from RSA key pair.
Database
  – We will assume the database is perfectly secure
Why?? Because he says so…

14 The Secure Channel
Uses a scheme similar to SSH
Each reader has an RSA key pair and identification number
The database also has an RSA key pair
Database and reader use RSA to establish a secret key and use AES for data exchange

15 Security vs. Privacy
As always, increased security has its price in privacy
Our card will only be used in areas that already invade privacy
  – Airports
  – Gun background checks
No data will be logged so citizens cannot be tracked

16 Final Thoughts
A secure national ID system is feasible (check out our report for more info)
We have tried to minimize any invasions of privacy, but some things are impossible to prevent
Debates are likely to heat up in the coming months
Is the added security worth inherent losses in privacy???

17 Questions???

18 The Card
For most purposes, the card will be used like a driver’s license
For high-security areas, a reader that connects to the database will decrypt the card data
Only government authorized sites will have a card reader

19 The Reader
Cardholder will put thumb on reader
Reader will check thumbprint against print on the card
Reader will check the database to authenticate the cardholder
Reader will display pass or fail

20 Low Security
Many applications will maintain same security as today
  – Alcohol Purchases
  – Check Cashing
Similar security as existing state IDs (except better tamper-proofing)

21 High Security
Areas of high security will receive added security with the card
Many already require privacy infringements
  – Airports
  – Gun purchases
  – Nuclear facilities, etc.
Cardholder will be aware of high-security check (by authorizing connection)

22 The Secure Channel
[Message sequence diagram between Reader and Database]
Reader requests a connection - sends unique reader ID.
Random string encrypted with reader’s public key
Reader sends back random string encrypted with database public key
Random string is used as key for symmetric encryption using AES
Reader sends person’s ID and card serial #
If a match, database sends back person’s public key for decryption and any flags

23 The Database
Every card issued will have a record in the database
  Person’s ID | Card Serial Number | Public Key | Flags
Each card reader also has a record
  Reader’s Location (IP Addr.) | Reader Serial Number | Public Key | Access Perm.

24 The Database
Each personal record has flag fields
  – Convicted felon
  – Wanted criminal
  – Suspected terrorist, etc.
Flag field only contains binary flag, no details
Flags can only be seen and modified by proper agency
  – FBI, CIA, NSA, etc.

25 The Database
Knows network location of reader
Securely stores the public key of each reader
Will send only relevant flags
  – Airports will not know whether a person is authorized to purchase a gun

26 Anticipated Attacks
Fake card faces
  – Will not work for high security
Recreated IDs with Smart Cards
  – Different card serial number
  – Won’t have private key associated with public key in database
Spoofed Readers
  – Will not be in proper network location
  – Will not have reader’s private key

27 Anticipated Attacks (cont’d)
Readers log personal information
  – Readers made by third party
Attacks on database security
  – We will assume the database is perfectly secure
Why?? Because he says so…
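
The database-side checks from slides 22 to 26, sketched as an added example (not part of the original presentation or the group's report): the reader must be registered and calling from its recorded network location, the person ID and card serial must match the issued record, and only the flags covered by the reader's access permission are returned. All IDs, addresses, key placeholders and permission sets are constructed assumptions, and the RSA/AES channel is assumed to be already established.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class ReaderRecord:            # slide 23: one record per card reader
    location_ip: str           # registered network location
    public_key: str            # placeholder string, not real key material
    access_perm: frozenset     # flag names this reader is allowed to see

@dataclass(frozen=True)
class CardRecord:              # slide 23: one record per issued card
    card_serial: str
    public_key: str            # placeholder string, not real key material
    flags: frozenset           # binary flags only, no details (slide 24)

# Constructed sample data. Which flags an airport reader may see is an assumption.
READERS = {
    "R-1001": ReaderRecord("192.0.2.10", "reader-pub-1001",
                           frozenset({"wanted_criminal", "suspected_terrorist"})),
}
CARDS = {
    "P-42": CardRecord("C-7788", "person-pub-42",
                       frozenset({"wanted_criminal", "convicted_felon"})),
}

def lookup(reader_id, source_ip, person_id, card_serial):
    """Answer one reader query: (status, person_public_key, relevant_flags)."""
    reader = READERS.get(reader_id)
    if reader is None:
        return ("unknown_reader", None, frozenset())
    # Spoofed reader: not in the proper network location (slide 26).
    if source_ip != reader.location_ip:
        return ("wrong_location", None, frozenset())
    card = CARDS.get(person_id)
    # Recreated card: serial differs from the one issued to this person (slide 26).
    if card is None or card.card_serial != card_serial:
        return ("card_mismatch", None, frozenset())
    # Send only the flags relevant to this reader (slide 25).
    return ("match", card.public_key, card.flags & reader.access_perm)

if __name__ == "__main__":
    print(lookup("R-1001", "192.0.2.10", "P-42", "C-7788"))   # genuine card and reader
    print(lookup("R-1001", "198.51.100.7", "P-42", "C-7788")) # reader at wrong address
    print(lookup("R-1001", "192.0.2.10", "P-42", "C-0001"))   # cloned card, new serial
```

The location and serial checks only narrow what a spoofed reader or recreated card can do; possession of the matching private key, which this sketch does not exercise, is the other half of both defenses on slide 26.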