Stefan Thomas, CTO Identity. Stefan Thomas, CTO Agenda Goals Terminology What can decentralized networks contribute? – Better Identity Provider – Public.

Slides:



Advertisements
Similar presentations
1 Susan Alexander Chief Technology Officer for Information and Identity Assurance Office of the Assistant Secretary of Defense, Networks and Information.
Advertisements

1 P2P Reputation Management Using Distributed Identities and Decentralized Recommendation Chains Authors: P. Dewan and P. Dasgupta Source: IEEE Transactions.
Location Based Trust for Mobile User – Generated Content : Applications, Challenges and Implementations Presented By : Anand Dipakkumar Joshi USC.
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
WSO2 Identity Server Road Map
Diabetes Media 2.0 Advantages and Challenges of Using Web 2.0 Tools for Diabetes Awareness and Systems Support &
Active Directory: Final Solution to Enterprise System Integration
Mashing Up with User-Centric Identity America Online LLC John Panzer, Praveen Alavilli.
User Managed Privacy Using Distributed Trust Privacy and Security Research Workshop Carnegie Mellon University May 29-30, 2002 Lark M. Allen / Wave Systems.
FIT3105 Smart card based authentication and identity management Lecture 4.
Cryptographic Technologies
Account Management Best Practices OpenID for Mobile Webfinger Allen Tom Yahoo! Membership
Finalize RESTful Application Programming Interface (API) Security Recommendations Transport & Security Standards Workgroup January 28, 2014.
Key Management and Distribution. YSLInformation Security – Mutual Trust2 Major Issues Involved in Symmetric Key Distribution For symmetric encryption.
SACMAT02-1 Security Prototype Defining a Signature Constraint.
Identity Management, what does it solve By Gautham Mudra.
Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.
The Study of Security and Privacy in Mobile Applications Name: Liang Wei
FIM-ig Federated Identity Management Interest Group.
Mobile Identity and Mobile Authentication (mobile e-signature) Valdis Janovs Sales Director Lattelecom Technology SIA.
Copyright ©1997 NetDox, Inc. All Rights Reserved. CONFIDENTIAL 1 DATE HERE Julie Grace - NetDox, Inc. Emerging Internet Commerce.
Information Security Technological Security Implementation and Privacy Protection.
Microsoft Confidential Building Reusable InfoPath forms for US Government Jonny Chambers WW Lead – SSN Program Microsoft Corp.
Understanding the Value of Identity in Government Social Networking A Framework of Identity Trust in Government Social Networking September 4, 2015.
Social networking task force Jeff Jaffe Ann Bassetti Steve Holbrook 14 May
Identity Management Report By Jean Carreon and Marlon Gonzales.
Microsoft Active Directory(AD) A presentation by Robert, Jasmine, Val and Scott IMT546 December 11, 2004.
Payment Gateways for e-Government services 24 May 2007
The Internet Identity Layer OpenID Connect Update for HIT Standards Committee’s Privacy and Security Workgroup Wednesday, March 12th from 10:00-2:45 PM.
© Synergetics Portfolio Security Aspecten.
Workgroup Discussion on RESTful Application Programming Interface (API) Security Transport & Security Standards Workgroup January 12, 2014.
Key Management. Session and Interchange Keys  Key management – distribution of cryptographic keys, mechanisms used to bind an identity to a key, and.
, Josef NollNISnet NISnet meeting Mobile Applied Trusted Computing Josef Noll,
Identity Management Hannes Tschofenig. Motivation OAuth was created to allow secure and privacy friendly sharing of data. OAuth is not an authentication.
Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.
Authority of Information Technology Application National Center of Digital Signature Authentication Ninh Binh, June 25, 2010.
Peering: A Minimalist Approach Rohan Mahy IETF 66 — Speermint WG.
Yair Grindlinger, CEO and Co-Founder Do you know who your employees are sharing their credentials with? Do they?
COEN 350: Network Security Authentication. Between human and machine Between machine and machine.
Reputation Systems Thomas Choi COMP 5104 March 5, 2008.
Web Authentication Enhancement BOF (WAE) Chair: Pete Resnick IETF 66.
1 Pascal URIEN, IETF 63th Paris, France, 2nd August 2005 “draft-urien-eap-smartcard-type-02.txt” EAP Smart Card Protocol (EAP-SC)
Justin Richer The MITRE Corporation October 8, 2014 Overview of OAuth 2.0 and Blue Button + REST.
Mobile Systems Availability Integrity and Confidentiality MoSAIC M.O.Killijian, D.Powell, M.Banâtre, P.Couderc, Y.Roudier LAAS-CNRS - IRISA- Eurécom.
GRID ANATOMY Advanced Computing Concepts – Dr. Emmanuel Pilli.
Federations: The New Infrastructure Speaker Name Here Date Here Speaker Name Here Date Here.
Cyber in the Cloud & Network Enabling Offense and Defense Mark Odell April 28, 2015.
Easier to use Pier 15: Breaking Good Pier 15: Breaking Good Combating the growing problem of counterfeit drugs.
Presented by: Sonali Pagade Nibha Dhagat paper1.pdf.
Secure Mobile Development with NetIQ Access Manager
SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.
Connected Identity & the role of the Identity Bus Prabath Siriwardena Director of Security Architecture WSO2.
Suresh Krishnan Secure Proxy ND Suresh Krishnan
JLR, Tozny, and DHS Isaac Potoczny-Jones
The Revolutionary Benefits Of Blockchain
CIO Council: IAM Update
Certificates An increasingly popular form of authentication
SysML 2.0 Model Lifecycle Management (MLM) Working Group
Google 2 Step Verification Backup Codes Google 2 Steps Verification Backup Codes is very important to get access Gmail account. Backup codes is usually.
NextGen Access Control Platform
Operating Systems Security
The main cause for that are the famous phishing attacks, in which the attacker directs users to a fake web page identical to another one and steals the.
Peer-to-Peer Reputations
Device Registration and Multi-Factor Authentication
InfoShare A Distributed P2P Information Storage & Retrieval System
Certificates An increasingly popular form of authentication
NHS Identity Authentication fit for modern health and social care
STIR / SHAKEN for 911 use of SHAKEN 8/7/2019
Ignition’s Security Features
Presentation transcript:

Stefan Thomas, CTO Identity

Stefan Thomas, CTO Agenda Goals Terminology What can decentralized networks contribute? – Better Identity Provider – Public attestation

Stefan Thomas, CTO Goals Authentication How can users securely authorize transactions? Attestation How can we enable users to prove their trustworthiness? What are we trying to solve?

Stefan Thomas, CTO Our role We’re not identity experts. We’re payments experts. What are our unique challenges around identity? How does the emergence of distributed networks affect identity? W3C Web Payments Community Group

Stefan Thomas, CTO Terminology EntityIdentity TheMark72 Identity Provider (IdP) Reference: ISO 29115; OpenID Connect 1.0 Core

Stefan Thomas, CTO Terminology Identity TheMark72 Claim name: “Mark Dinkel” Claim Provider Reference: draft-ietf-oauth-json-web-token-19; OpenID Connect 1.0 Core

Stefan Thomas, CTO Advantages Authentication mechanism agnostic Cryptographically secure Granular sharing of information and permissions Supports discovery The good news first OpenID Connect is pretty good!

Stefan Thomas, CTO Reliance on IdPs They are a target Difficult to switch Right to own your identity Why care?

Stefan Thomas, CTO Self-issued IdP OpenID Connect 1.0 Core - Section 7 Suggested use case: Mobile phone Open issues: backup, security The other option

Stefan Thomas, CTO Peer-assisted Key Derivation (PAKDF) Trustless login using blind signatures “pw” blinding unblinding blind signature Reference: justmoon.github.io/pakdf

Stefan Thomas, CTO Peer-assisted Key Derivation (PAKDF) Full benefits of identity provider (multi-factor authentication, rate-limiting, fingerprinting) If using multiple peers provides strong protections against bad IdPs Trustless login using blind signatures “pw”

Stefan Thomas, CTO Switching providers Global distributed namespace ~alice acmebank.com rNb721TdNHN37yoURrMYDiQ ~alice

Stefan Thomas, CTO Switching providers Global distributed namespace ~alice foobank.com rNb721TdNHN37yoURrMYDiQ ~alice

Stefan Thomas, CTO Service Discovery How to pay alice? ~alice "links": [{ "rel": " "href": " }] Reference: RFC 7033 WebFinger

Stefan Thomas, CTO Service Discovery GET /api/ripple/pay?uri=alice%3Ffoobank.com… [{ “uri": “currency”: “CAD” }, { “uri": “ripple:rNb721TdNHN37yoURrMYDiQF?dt=1234”, “currency”: “BTC” }, …]

Stefan Thomas, CTO Reputation Identity Claim name: “Mark Dinkel” Claim Provider Reference: draft-ietf-oauth-json-web-token-19; OpenID Connect 1.0 Core

Stefan Thomas, CTO Reputation Identity Claim { reviewer: score: 9.5, comment: “Great guy!” } Claim Provider

Stefan Thomas, CTO Reputation Identity ClaimScore Provider 804 low risk

Stefan Thomas, CTO

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.