Presentation is loading. Please wait.

Presentation is loading. Please wait.

Passwords are not able to keep user safe.

Published byLaurence Gibbs Modified over 9 years ago

Similar presentations

Presentation on theme: "Passwords are not able to keep user safe."— Presentation transcript:

1

2

3

4 Passwords are not able to keep user safe

5

6

7 Ease users’ struggle to enter credentials on touch devices Built-in Windows experiences Introduce a new “touch” fingerprint sensors Light up a few engaging scenarios Our Goals for Windows 8.1

8

9 Windows Biometrics Engine Adapter Storage Adapter (inbox but can be replaced by 3 rd party if needed) Sensor Adapter (inbox but can be replaced by 3 rd party if needed) Windows Biometric Device Interface (WBDI) Driver Sensor OS component 3 rd party application 3 rd party driver and companion components

10

11

12 Confirming purchase, profile change, in-app experiences Helps control and personalize device experience Highly desired as a means to control high-value transactions, e.g. purchases Can benefit “cloaking” apps, access to an app, release credentials…

13 CredUI Broker LocalSystem Request Verification Check Availability OS components Apps

14

15

16

17

18 EKAIK

19

20 User with TPM capable device EKPubs and EkCert obtained out of band Here my RSA (pub), signed by AIK Also, my AIK(pub), signed by EK And here is my EK(pub) Validate EK && generate challenge Validate secret Here is a secret, Encrypted to your EK(pub), Can you tell me a secret? Here is your decrypted secret which proves I own EK(priv) Certificate issued for RSA key EK AIK RSA

21 RADIUS + VPN Certificate Authority TPM Attested Certificate Non-Attested Certificate Request and Get Certificate

22

23

24

25 Mail App package WWAHost Select client auth cert LiveComm Use the selected cert for SSL Mail server

26 RAS Select certificate VPN app Use the selected certificate over SSL VPN server

27 var certNamespace = Windows.Security.Cryptography.Certificates; var selectedCert; var query = new certNamespace.CertificateQuery(); query.friendlyName = “clientAuthCert”; certNamespace.CertificateStores.findAllAsync(query).done(f unction); (certs) { if (certs.size > 0) { for (var i = 0; i < certs.size; i++) { if (certs[i].isStronglyProtected) { selectedCert = certs[i]; break; } });

28

29 Strong User Identity with Virtual Smart Card

30

31

32

33

34

35

36

37 Text Theft Proofing and Identities Stronger Single Factor Authentication Two Factor Authentication Text

38

39

40 www.microsoft.com/learning http://microsoft.com/msdn http://microsoft.com/technet http://channel9.msdn.com/Events/TechEd

41

42

43

Download ppt "Passwords are not able to keep user safe."

Similar presentations

Mobile Devices in the DoD

Mobile Devices in the DoD
Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.
Windows 2000 Security --Kerberos COSC513 Project Sihua Xu June 13, 2014.

Windows 2000 Security --Kerberos COSC513 Project Sihua Xu June 13, 2014.
User Registration. Click on ‘Sign Up’ button. Enter Registration details and click on submit button.

User Registration. Click on ‘Sign Up’ button. Enter Registration details and click on submit button.
Vpn-info.com.

Vpn-info.com.
Authentication solutions for Outlook and Office 365 Multi-factor authentication for Office 365 Outlook client futures.

Authentication solutions for Outlook and Office 365 Multi-factor authentication for Office 365 Outlook client futures.
Tony Mangefeste Senior Program Manager Microsoft Corporation SYS-462T.

Tony Mangefeste Senior Program Manager Microsoft Corporation SYS-462T.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
1 Jeremy Wyant W3C DRM Workshop 23 January 2001 Establishing Security Requirements For DRM Enabled Systems.

1 Jeremy Wyant W3C DRM Workshop 23 January 2001 Establishing Security Requirements For DRM Enabled Systems.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
WAP Public Key Infrastructure CSCI 5939.02 – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
Electronic Transaction Security (E-Commerce)

Electronic Transaction Security (E-Commerce)
Trusted Platform Modules: Building a Trusted Software Stack and Remote Attestation Dane Brandon, Hardeep Uppal CSE551 University of Washington.

Trusted Platform Modules: Building a Trusted Software Stack and Remote Attestation Dane Brandon, Hardeep Uppal CSE551 University of Washington.
Microsoft Ignite /16/2017 4:55 PM

Microsoft Ignite /16/2017 4:55 PM
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
FIT3105 Smart card based authentication and identity management Lecture 4.

FIT3105 Smart card based authentication and identity management Lecture 4.
Class on Security Raghu. Current state of Security Cracks appear all the time Band Aid solutions Applications are not designed properly OS designs are.

Class on Security Raghu. Current state of Security Cracks appear all the time Band Aid solutions Applications are not designed properly OS designs are.
Copyright © 1995-2003 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.
03 December 2003 Public Key Infrastructure and Authentication Mark Norman DCOCE Oxford University Computing Services.

03 December 2003 Public Key Infrastructure and Authentication Mark Norman DCOCE Oxford University Computing Services.
Security on the Internet Jan Damsgaard Dept. of Informatics Copenhagen Business School

Security on the Internet Jan Damsgaard Dept. of Informatics Copenhagen Business School

Similar presentations

Ads by Google