Cartão de Cidadão: Security and authentication
Bruno Duarte – ei07136, Pedro Barbosa – ei08036, Rúben Veloso – ei11001


The "cartão de cidadão"
- Physical and digital document that identifies citizens
- Objective: simplify usage of public services via telephone or internet

What is it?
- SmartCard:
  - Incorporated microprocessor;
  - Allows cryptographic processing;
  - Allows storage;
  - Fulfills international standards.

Official Applications
- Similar application on Windows and Linux

Cards Architecture

Authentication

eID PT
- Library to develop applications for the “cartão do cidadão”;
- Simpler interface;
- Available for Java and .NET;
- Built on top of PKCS#11.

PKCS#11
- Appropriate for smartcards;
- Cryptography standards (RSA Laboratories);
- Support for the most used cryptographic methods (RSA, X.509, ...);
- Low-level interaction.

Basic security principles

SOD Files
- PTEID_GetCertificates();
- PTEID_GetADDR();
- PTEID_GetPins();
- PTEID_SetSOCAs() – defines the certificates' location;
- PTEID_SetSODCheckin() – defines usage of the above function.

Developed examples
- Java application using eidPT;
- .NET C# application using eidPT;
- Microsoft Office signature method test.

.NET C#
- Data read;
- Address read and validation;
- SWatcher.

Java
- Data read;
- Data read and validation.

Possible failures

Vulnerabilities:
- Key loggers;
- Applications not using the official library;
- Trojans;
- No evident failures with the system;
- The reported error was not reproduced (PKCS#11).

Conclusions
- Manual vs. digital signatures;
- System is generally well conceived;
- People need to be aware of vulnerabilities and try to avoid them.