Strong Authentication and Beyond (aladdin.com). Budai László, IT security consultant.


1 Strong Authentication and Beyond
Budai László, IT security consultant

2 Aladdin Product Lines
- DRM: Software Rights Management – copy protection, IP protection and secure licensing solution for software vendors. Target market: software publishers and embedded system vendors.
- Enterprise security: solutions for access, authentication and password/digital identity management. Target market: enterprise, education, finance, biopharm, government.
- Enterprise security: web gateway content security and proactive email security. Target market: enterprise, education, government and ISPs.

3 Data is everywhere
- Servers
- Workstations (LAN)
- Laptops
- Mobile

4 Identity Theft
There are two kinds of companies: those who have experienced a data breach, and those who will.

5 Strong Authentication
- Identification, Authentication and Strong Authentication
- Benefits of Strong Authentication
- Aladdin Strong Authentication Product Offering
- Strong Authentication and Beyond

6 Identification
- Evidence of identity; something that identifies a person or thing
- The condition of having the identity (of a person or object) established
- The unique data, name, number or code, identifying a certain object or person
- The process of specifically identifying an object from a large class of objects through reading symbols

7 Identification – Real World
- Name, paper certificate (ID card, driver’s license…)
- Physical appearance

8 Identification – Computer Systems
- Username
- Digital certificate
- RFID
- Biometrics

9 Identification – Usernames
- Most dominant identification factor
- Easily obtained

10 Identification – Digital Certificates
- Identifies a user, computer, server
- X.509v3 is the latest standard
- Subject to human error (trust)

11 Authentication
- In computer security, verification of the identity of a user or the user's eligibility to access an object
- The process of identifying an individual or data. In security systems, authentication is distinct from authorization. Authentication merely confirms that the identification of the individual or data is accurate
- Simply put, authentication is verifying identity
- Authentication is the process of determining whether someone or something is actually who or what it asserts itself to be
- The process of verifying the claimed identity of an individual user, machine, software component, or any other entity

12 Authentication Methods
- Passwords
- One-time passwords
- Public/private key pairs (digital certificates)
- Biometrics

13 Passwords

14 Passwords – Insecure and Costly
- Simple passwords – easy to guess
- Complex passwords – hard to remember
- Passwords are rarely changed
- Passwords can be shared
“Not only are passwords insecure… Gartner Group and Forrester Research put the cost of resetting a password at about $50, while a survey from software giant Computer Associates estimated 70% of help desk calls concern password replacements”
Source: www.cryptocard.com, 2004, Identity thieves target firms

15 One Time Passwords
- An OTP (one-time password) system generates a series of passwords that are used to authenticate
- Once one of the passwords is used, it cannot be used again
- The logon system will always expect a new one-time password at the next logon

16 One Time Password – Tokens
- Password is generated on the device (token)
- Zero footprint, platform independent
- Battery operated (limited lifetime)
- Strong authentication when combined with PIN code

17 One Time Password – Soft OTP
- Software generated
- Variety of devices (cell phone, PDA, laptop, PC)
- Low cost solution (compared to token)
- Limited control
- Distribution overhead (of the OTP program)

18 One Time Password over SMS
- Challenge-response system
- Generate the challenge on the Web, via SMS, etc.
- Main problem is reliability (usability concern)
- SMS cost is also a concern (in large volumes)
- High TCO / limited ROI

19 Public-Private Key Pairs (Digital Certificates)
- Digital certificates contain the public key
- After trust is established, a mathematical operation authenticates
- Allows mutual authentication (protocol dependent)
- Private key must be protected

20 Digital Certificates on Smart Cards
- Dedicated hardware
- Secure – on-board key generation and storage
- Allows personalization
- Costly and less convenient – requires a reader

21 Digital Certificates on USB based Smart Cards
- Dedicated hardware
- Secure – on-board key generation and storage
- Reader-less
- Portable

22 Biometrics
- Can provide both functions: identification and authentication
- Physiological / behavioral
- Costly
- Complex to install (FAR/FRR)
- Privacy issues

23 Strong Authentication
Strong authentication means using two or more authentication methods
Authentication – the three “what”s:
- What you know
- What you have
- What you are

24 Reliable Authentication Enables Business
- Enhanced online services
- 24x7 secure access to sensitive business information
- Enhanced productivity (single sign-on)
- Digital signing of transactions
- Secure PCs and laptops

25 eToken Product Offering

26 OTP or PKI?

27 Strong Authentication and Beyond
- OTP provides strong authentication
- Smart tokens with PKI will take you beyond:
  - Authentication
  - Encryption
  - Signing

28 Strong Authentication and Beyond
[Chart; labels: PKI, OTP. Source: eToken Customer Survey]

29 eToken Devices
- eToken PRO – USB, reader-less smart card
- eToken PRO Smartcard – eToken PRO in traditional smart card form factor
- eToken NG-OTP – First ever USB smart card token with One-Time Password generation capabilities
- eToken NG-FLASH – USB smart card token with encrypted Flash memory for portable mass data storage
- eToken PASS – One Time Password Authenticator

30 SafeWord 2008

31 www.aladdin.com/eToken
www.nador.hu
Thank you for your kind attention

