Proposal for the support of connected and proximity crypto HW in browsers
Philip Hoyer – Director Strategic Innovation, January 2015

Presentation transcript:

An ASSA ABLOY Group brand. PROPRIETARY INFORMATION. © 2012 HID Global Corporation. All rights reserved.

Consensus of W3C crypto workshop

- Replace passwords as quickly as possible.
- Allow the web application in the browser to access an API that allows proof of possession of keys that are also held on hardware devices.
- Giving direct access to the APDU / comms is a bad idea (like giving raw socket access to a web page). One of the main concerns was privacy (being able to track people by tracking IDs or PII on the cards).
- Browser extensions are going away, so there needs to be a solution to use existing credentials.
- The level of abstraction is still unclear, but the web app should have access at a level similar to the current Web Crypto API (sign, encrypt, decrypt, etc.).

HID proposal

- Requirements:
  - Very important to be able to support the millions of centrally issued IDs capable of being used for multiple origins / GlobalPlatform APDU based
  - Important to support SOP-based HW tokens: FIDO (also APDU based at the low layer)
  - Support for connected (SC, SIM, eSE, smart MicroSD, TEE) security tokens and tokens connected via NFC / BLE
  - No APDU channel based exposure to the web app
  - Web app has access to discover and connect to tokens and communicate through a high-level API based on WebCrypto
- Support for use cases beyond direct authentication (possession of key):
  - Sign, encrypt, potentially store and retrieve secure data, user approval (out of band or approve / deny signing)

Proposal – HW token API: three layers

- HW token API: higher-level API (uses Comm API):
  - Discovery / connection and listing of known security tokens independent of transport (abstract connected vs NFC / BLE, etc. as much as possible)
  - Retrieval of the security capabilities of known security tokens
  - Connection API to the security devices at an abstraction level that would then map it to the existing W3C Crypto API level (e.g. ability to retrieve a handle to a SubtleCrypto interface from a connected device handle)
- Token API translation layer based on secure JS scripts run in the browser sandbox, retrieved from a central trusted source by identifying the token / application (using answer to reset / AIDs / FIDO attestation certificates …)
  - Potentially take as base:
- Communication-oriented API, to be able to communicate with the HW token device from the translation script:
  - Connected tokens: USB, SIMAlliance (SIM, eSE, Smart MicroSD)
  - NFC / BLE

[Figure: Architecture]

[Figure: Layer diagram]

To be explored

- Privacy
  - Can we restrict which web app has access to which keys / token identifiers, so as not to track users across origins?
  - NOTE: some centrally issued cross-origin eIDs already have privacy features (e.g. German eID card, HID Seos card, etc.)
  - By scoping the access of the API to the token itself, the browser could prompt the user “ wants to use your “Smart Card” token (not ideal)
  - Do we propose a CORS-like standard to be put on the tokens / devices?
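
One way a browser could enforce the per-origin key scoping and CORS-like token policy raised above, as an added example that is not part of the original slides. The policy format, field names and function names are hypothetical, and the sample policy is constructed for illustration.

```javascript
// Constructed sample: a policy a token (or its translation script) might declare.
// Each key lists the web origins allowed to use it (hypothetical format).
const samplePolicy = {
  tokenLabel: "Smart Card",
  keys: [
    { handle: "k1", ops: ["sign"], origins: ["https://bank.example"] },
    { handle: "k2", ops: ["sign", "decrypt"], origins: ["https://mail.example:8443"] },
  ],
};

// Reduce a URL to its serialized origin (scheme + host + port).
// Returns null for unparsable input or non-HTTPS pages (assumption: the
// token API is only offered to secure contexts).
function toOrigin(value) {
  try {
    const u = new URL(value);
    if (u.protocol !== "https:") return null;
    return u.origin; // host is lower-cased, default port 443 is dropped
  } catch {
    return null;
  }
}

// Keys the calling page may see. Matching is exact on the parsed origin,
// never a substring or suffix test, so look-alike hosts do not match.
function keysVisibleTo(policy, callerUrl) {
  const caller = toOrigin(callerUrl);
  if (caller === null) return [];
  return policy.keys
    .filter((k) => k.origins.some((o) => toOrigin(o) === caller))
    // Expose only an opaque handle and the permitted operations:
    // no card serial number, token identifier or keys of other origins.
    .map((k) => ({ handle: k.handle, ops: [...k.ops] }));
}

// Browser-side decision: deny when nothing is scoped to this origin,
// prompt until the user has approved, then allow with the scoped keys only.
function accessDecision(policy, callerUrl, userApproved) {
  const keys = keysVisibleTo(policy, callerUrl);
  if (keys.length === 0) return { state: "deny", keys: [] };
  if (!userApproved) return { state: "prompt", keys: [] };
  return { state: "allow", keys };
}
```

Because an origin with no scoped key is denied before any prompt, a page cannot use the prompt itself to learn that a token is present.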
