Peace Out, Passwords: Identity and Access Management for the rest of us


Identity and Access Management
Security discipline enabling:
◦ Right Individuals access to the
◦ Right Resources at the
◦ Right Times for the
◦ Right Reasons
On an enterprise level, IAM addresses the need to ensure appropriate access to resources across increasingly heterogeneous technology environments, and to meet rigorous compliance requirements.

Access Controls
Similar to what we’ve discussed in class:
◦ There are many ways to verify identity
◦ Multi-Factor Authentication
◦ Biometrics
◦ Protecting information assets the right way
But how can you and I relate?

Biometrics at a consumer level
Many companies are starting to manage access differently for users and consumers at various levels.
Using fingerprints and other multi-factor authentication, companies are making secure access to one’s personal information assets easy, whether it’s your PayPal account info or pictures on your phone.

Apple wasn’t first to the party
Apple made a big splash with their fingerprint readers on iPhone 5S models and newer.
But Lenovo ThinkPads and HP Envy laptops have allowed users to link up to ten passwords to their fingerprints for a few years.

Small scale issues
From my professional experience…
People tend to forget that their fingerprint is actually linked to a password: either a word, phrase or passcode.
Makes it hard to access or reset if you’re not there or your reader fails for some reason.
It makes access and identification easy, but the human element can complicate things.

Large scale and security issues
It’s a big deal if you forget your password and can’t verify your identity to change it.
It’s an even bigger deal if your fingerprint is cracked and a hacker gets your password to your online banking profile or your PayPal account, etc.
The fingerprint scanner on the iPhone made a splash for users and hackers.

Big money in the hack
In September 2013, shortly after the iPhone 5S was released, a security researcher collected donations to award to the first hacker to crack the new security feature.
$14,000 was given to a German biometrics hacking group.
“We hope that this finally puts to rest the illusions people have about fingerprint biometrics. It is plain stupid to use something that you can’t change and that you leave everywhere every day as a security token.”
◦ Frank Rieger, Chaos Computer Club
◦ fingerprint-scanner-hacked-by-german-computer-club/

…and again
Many hackers and security specialists have reported that the new iPhone 6 models released in late 2014 suffer from the same flaw.
Except now, with Apple Pay being a big feature of the new phones, the stakes are much higher for abuse of the security flaw.
Lookout, a mobile security firm, suggests using a passphrase or a passcode in conjunction with the fingerprint for two-factor authentication.
“The attack requires skill, patience and a really good copy of someone’s fingerprint – any old smudge won’t work. Furthermore, the process to turn that print into a useable copy is sufficiently complex that it’s highly unlikely to be a threat for anything other than a target attack by a sophisticated individual.”
◦ Marc Rogers, Lookout Mobile Security

It’s not going anywhere
Because we store an enormous amount of personal info on cell phones and they are so often subject to threat, it’s going to continue to be important for companies to develop new and better technology for access control to personal devices.
Iris on the Move being integrated into future Samsung Galaxy devices
◦ biometric-identification-systems
◦ Image acquisition system based on hi-res cameras, video synchronized strobed illumination and specularity based image segmentation
In addition, the FIDO Alliance (Fast Identity Online) is working to develop technical specifications that define an open, scalable, interoperable set of mechanisms that reduce the reliance on passwords to authenticate users. They are using systems that rely on tokens and biometrics to authenticate.

Still hackable
But as students of Information Security, we have to look at all new developments in consumer level access controls through a critical lens.
We have to assume that everything can be hacked and probably will be.
The important thing is that people are aware of potential security holes and can take steps to combat them on a personal level.

Works Cited
◦ iphone-5s-fingerprint-scanner-hacked-by-german-computer-club/
◦ iphone_6_still_vulnerable_to_touchid_fingerprint_hack/
◦ glossary/identity-and-access-management-iam/