Published by Winifred Edwina Leonard. Modified over 9 years ago.

Peace Out, Passwords
Identity and Access Management for the rest of us

Identity and Access Management
Security discipline enabling:
◦ Right Individuals access to the
◦ Right Resources at the
◦ Right Times for the
◦ Right Reasons
On an enterprise level, IAM addresses the need to ensure appropriate access to resources across increasingly heterogeneous technology environments, and to meet rigorous compliance requirements.

Access Controls
Similar to what we’ve discussed in class:
◦ There are many ways to verify identity
◦ Multi-Factor Authentication
◦ Biometrics
◦ Protecting information assets the right way
But how can you and I relate?

Biometrics at a consumer level
Many companies are starting to manage access differently for users and consumers at various levels.
Using fingerprints and other multi-factor authentication, companies are making secure access to one’s personal information assets easy, whether it’s your PayPal account info or pictures on your phone.

Apple wasn’t first to the party
Apple made a big splash with their fingerprint readers on iPhone 5S models and newer.
But Lenovo ThinkPads and HP Envy laptops have allowed users to link up to ten passwords to their fingerprints for a few years.

Small scale issues
From my professional experience…
People tend to forget that their fingerprint is actually linked to a password: either a word, phrase or passcode.
This makes it hard to access or reset if you’re not there or your reader fails for some reason.
It makes access and identification easy, but the human element can complicate things.

Large scale and security issues
It’s a big deal if you forget your password and can’t verify your identity to change it.
It’s an even bigger deal if your fingerprint is cracked and a hacker gets your password to your online banking profile or your PayPal account, etc.
The fingerprint scanner on the iPhone made a splash for users and hackers.

Big money in the hack
In September 2013, shortly after the iPhone 5S was released, a security researcher collected donations to award to the first hacker to crack the new security feature.
$14,000 was given to a German biometrics hacking group.
“We hope that this finally puts to rest the illusions people have about fingerprint biometrics. It is plain stupid to use something that you can’t change and that you leave everywhere every day as a security token.”
◦ Frank Rieger, Chaos Computer Club
◦ http://www.cbsnews.com/news/apples-iphone-5s-fingerprint-scanner-hacked-by-german-computer-club/
◦ https://vimeo.com/75324765

…and again
Many hackers and security specialists have reported that the new iPhone 6 models released in late 2014 suffer from the same flaw.
Except now, with Apple Pay being a big feature of the new phones, the stakes are much higher for abuse of the security flaw.
Lookout, a mobile security firm, suggests using a passphrase or a passcode in conjunction with the fingerprint for two-factor authentication.
“The attack requires skill, patience and a really good copy of someone’s fingerprint – any old smudge won’t work. Furthermore, the process to turn that print into a useable copy is sufficiently complex that it’s highly unlikely to be a threat for anything other than a target attack by a sophisticated individual.”
◦ Marc Rogers, Lookout Mobile Security

It’s not going anywhere
Because we store an enormous amount of personal info on cell phones and they are so often subject to threat, it’s going to continue to be important for companies to develop new and better technology for access control to personal devices.
Iris on the Move being integrated into future Samsung Galaxy devices
◦ http://www.sri.com/engage/products-solutions/iris-move-biometric-identification-systems
◦ Image acquisition system based on hi-res cameras, video-synchronized strobed illumination and specularity-based image segmentation
In addition, the FIDO Alliance (Fast Identity Online) is working to develop technical specifications that define an open, scalable, interoperable set of mechanisms that reduce the reliance on passwords to authenticate users.
They are using systems that rely on tokens and biometrics to authenticate.

Still hackable
But as students of Information Security, we have to look at all new developments in consumer-level access controls through a critical lens.
We have to assume that everything can be hacked and probably will be.
The important thing is that people are aware of potential security holes and can take strides to combat them on a personal level.

Works Cited
http://www.cbsnews.com/news/apples-iphone-5s-fingerprint-scanner-hacked-by-german-computer-club/
http://www.theregister.co.uk/2014/09/23/iphone_6_still_vulnerable_to_touchid_fingerprint_hack/
http://www.gartner.com/it-glossary/identity-and-access-management-iam/
https://fidoalliance.org/about/overview/