Passwords are not able to keep user safe.

Presentation transcript:

Passwords are not able to keep user safe

Our Goals for Windows 8.1
- Ease users’ struggle to enter credentials on touch devices
- Built-in Windows experiences
- Introduce new “touch” fingerprint sensors
- Light up a few engaging scenarios

Diagram components:
- Windows Biometrics Engine Adapter
- Storage Adapter (inbox, but can be replaced by a 3rd party if needed)
- Sensor Adapter (inbox, but can be replaced by a 3rd party if needed)
- Windows Biometric Device Interface (WBDI) Driver
- Sensor
Legend: OS component; 3rd party application; 3rd party driver and companion components

- Confirming purchase, profile change, in-app experiences
- Helps control and personalize device experience
- Highly desired as a means to control high-value transactions, e.g. purchases
- Can benefit “cloaking” apps, access to an app, release credentials…

Diagram: CredUI; Broker; LocalSystem; Request Verification; Check Availability. Legend: OS components; Apps

Keys: EK, AIK, RSA

User with TPM capable device. EKPubs and EKCert obtained out of band.

1. "Here is my RSA (pub), signed by AIK. Also, my AIK (pub), signed by EK. And here is my EK (pub)."
2. Validate EK && generate challenge.
3. "Here is a secret, encrypted to your EK (pub). Can you tell me a secret?"
4. "Here is your decrypted secret, which proves I own EK (priv)."
5. Validate secret.
6. Certificate issued for RSA key.
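The attestation exchange on this slide, simulated end to end as an added example (not code from the presentation). Software RSA keys stand in for the TPM-held EK, AIK and RSA keys; `makeDevice`, `startEnrollment` and `enroll` are hypothetical names, and the `trustedEkPubs` list models the EKPubs obtained out of band.

```javascript
// Added example: software RSA keys stand in for TPM-held EK, AIK and user keys.
const nodeCrypto = require('node:crypto');

const newKey = () => nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const pem = (key) => key.export({ type: 'spki', format: 'pem' });
const sign = (priv, text) => nodeCrypto.sign('sha256', Buffer.from(text), priv);
const verify = (pubPem, text, sig) =>
  nodeCrypto.verify('sha256', Buffer.from(text), pubPem, sig);

// Device side: the three statements sent in the first message, plus the
// ability to decrypt a challenge with EK(priv).
function makeDevice() {
  const ek = newKey(), aik = newKey(), rsa = newKey();
  const request = {
    ekPub: pem(ek.publicKey), aikPub: pem(aik.publicKey), rsaPub: pem(rsa.publicKey),
    rsaSigByAik: sign(aik.privateKey, pem(rsa.publicKey)),
    aikSigByEk: sign(ek.privateKey, pem(aik.publicKey)),
  };
  return { request, answer: (blob) => nodeCrypto.privateDecrypt(ek.privateKey, blob) };
}

// Validating side: check EK against the out-of-band list, then the chain
// EK -> AIK -> RSA, then encrypt a fresh secret to EK(pub).
function startEnrollment(req, trustedEkPubs) {
  if (!trustedEkPubs.includes(req.ekPub)) return { error: 'unknown EK' };
  if (!verify(req.ekPub, req.aikPub, req.aikSigByEk)) return { error: 'AIK not signed by EK' };
  if (!verify(req.aikPub, req.rsaPub, req.rsaSigByAik)) return { error: 'RSA key not signed by AIK' };
  const secret = nodeCrypto.randomBytes(32);
  return { secret, challenge: nodeCrypto.publicEncrypt(req.ekPub, secret) };
}

// Runs the whole exchange; `answer` is whoever responds to the challenge.
function enroll(request, answer, trustedEkPubs) {
  const state = startEnrollment(request, trustedEkPubs);
  if (state.error) return state.error;
  let reply;
  try { reply = answer(state.challenge); } catch { return 'challenge failed'; }
  const ok = reply.length === state.secret.length &&
    nodeCrypto.timingSafeEqual(reply, state.secret);
  return ok ? 'certificate issued for RSA key' : 'challenge failed';
}
```

The signature chain alone is not enough: the public values and signatures can be copied, so the certificate is only issued once the responder shows it can decrypt with EK(priv).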

Diagram: RADIUS + VPN; Certificate Authority; TPM Attested Certificate; Non-Attested Certificate; Request and Get Certificate

Diagram: Mail; App package; WWAHost; Select client auth cert; LiveComm; Use the selected cert for SSL; Mail server

Diagram: RAS; Select certificate; VPN app; Use the selected certificate over SSL; VPN server

var certNamespace = Windows.Security.Cryptography.Certificates;
var selectedCert;
var query = new certNamespace.CertificateQuery();
query.friendlyName = "clientAuthCert";
// Look up the client-auth certificate by friendly name and pick the first
// one whose private key is strongly protected.
certNamespace.CertificateStores.findAllAsync(query).done(function (certs) {
    if (certs.size > 0) {
        for (var i = 0; i < certs.size; i++) {
            if (certs[i].isStronglyProtected) {
                selectedCert = certs[i];
                break;
            }
        }
    }
});

Strong User Identity with Virtual Smart Card

- Theft Proofing and Identities
- Stronger Single Factor Authentication
- Two Factor Authentication