Presentation is loading. Please wait.

Presentation is loading. Please wait.

10.20.2007, Josef NollNISnet NISnet meeting 10.10.2007 Mobile Applied Trusted Computing Josef Noll,

Published byBetty Mitchell Modified over 9 years ago

Similar presentations

Presentation on theme: "10.20.2007, Josef NollNISnet NISnet meeting 10.10.2007 Mobile Applied Trusted Computing Josef Noll,"— Presentation transcript:

1 10.20.2007, Josef NollNISnet NISnet meeting 10.10.2007 Mobile Applied Trusted Computing Josef Noll, josef@unik.no

2 10.10.2007, Josef NollNISnet Security and authentication: Leading questions What do I fear? – That somebody steals my identity and I can't do anything about it. – That biometrics takes it all – and privacy disappears What can I use to make life more comfortable? – Reduce number of “secure devices” I have to carry (BankID, Telenor access card, keys, money, credit card, …) – Have a device which is secure (enough). Why is my phone the security infrastructure? – Because I can ask my operator to block it, if it gets stolen. – Because it is not an insecure Microsoft device.

3 10.10.2007, Josef NollNISnet Summary: Identity in the virtual world Real world: see and/or talk Voice Face Virtual world: email, web Username, passwd SIM, PKI Security, privacy Service world (between providers) Identity management Service level agreement (SLA) Trust relation

4 10.10.2007, Josef NollNISnet Introduction: Identity Identity is attributes of your persona – Social, Corporate and Private IDs Internet was built without an identity layer – Identity 2.0 stems from Web 2.0 – People, information and software – More user-oriented (wikis, comments, tags) – More seamless web services (AJAX) Service related security – Provide just the information which is necessary Mobile challenges

5 10.10.2007, Josef NollNISnet Summary: Identity 2.0 – The goal User centric – More like real life ID’s (passport, license) – Multiple ID’s (PID, SID, CID) – Certificates and preferences – Choose attributes ~more privacy ID providers – Multiple providers – Own certificates Mobile, and de-centralized Personal (PID) Corporate (CID) Social (SID) Identity

6 10.10.2007, Josef NollNISnet Challenge: Role based service access Next Generation Applications: – Customized services – Remote services – Proximity services – High flexibility – Telecom-IT integration Challenges – Privacy – Trust – Application security App x App y App z Identity provider Corporate - CID VPNadmittance Public Authority … Bank Application providers Certificate Social - SID sportsorigin Private - PID Mastercard, Visa Soc. sec. number Certificate Telecom JosefRole based service access My identities

7 10.10.2007, Josef NollNISnet New role: Identity provider Certificate Josefine Remote servicesProximity services Who provides? – ID provider Where to store? – Network – Phone How to store/backup? – long term, short term

8 10.10.2007, Josef NollNISnet Summary: Security Challenges Mobile based access and payment – Next generation SIM cards – Virtualization of SIM credentials – Contactless access through NFC – (out-of-band) key distribution in heterogeneous networks User privacy enhancing technologies – service specific authentication methods – role-based access mechanisms Semantic Web and Web Services – Policies and rules support in ontologies – Trust distribution in distributed ontologies – Privacy protection in social networks

Download ppt "10.20.2007, Josef NollNISnet NISnet meeting 10.10.2007 Mobile Applied Trusted Computing Josef Noll,"

Similar presentations

Rocket Software, Inc. Confidential James Storey General Manager, OSS Unit Rocket Software APNOMS 2003: Managing Pervasive Computing and Ubiquitous Communications.

Rocket Software, Inc. Confidential James Storey General Manager, OSS Unit Rocket Software APNOMS 2003: Managing Pervasive Computing and Ubiquitous Communications.
Copyright © 2012 AirWatch, LLC. All rights reserved. Proprietary & Confidential. Mobile Content Strategies and Deployment Best Practices.

Copyright © 2012 AirWatch, LLC. All rights reserved. Proprietary & Confidential. Mobile Content Strategies and Deployment Best Practices.
Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.
1 Cypak core technology New convenient security solutions for online gaming Combat fraud and keep your customer happy.

1 Cypak core technology New convenient security solutions for online gaming Combat fraud and keep your customer happy.
Secure Communication Architectures.

Secure Communication Architectures.
2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.

2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.
Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.

Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.
PKI Implementation in the Real World

PKI Implementation in the Real World
1 ARPA A regional infrastructure for secure role-based access to RTRT services Ing. Laura Castellani Tuscany Region.

1 ARPA A regional infrastructure for secure role-based access to RTRT services Ing. Laura Castellani Tuscany Region.
Network Identity Kai Kang 27 th October 2004. Outline Introduction –Definition –Five drivers –Basic services –Roadmap Network Identity management approaches.

Network Identity Kai Kang 27 th October Outline Introduction –Definition –Five drivers –Basic services –Roadmap Network Identity management approaches.
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
FIT3105 Smart card based authentication and identity management Lecture 4.

FIT3105 Smart card based authentication and identity management Lecture 4.
Polytechnic University of Tirana Faculty of Information Technology Computer Engineering Department Identification of on-line users and Digital Signature.

Polytechnic University of Tirana Faculty of Information Technology Computer Engineering Department Identification of on-line users and Digital Signature.
MOVATION - Contributions and Expectations to NISnet October 2007 MOVATION - Contributions and Expectations to NISnet October 2007 Truls Berg, Josef Noll,

MOVATION - Contributions and Expectations to NISnet October 2007 MOVATION - Contributions and Expectations to NISnet October 2007 Truls Berg, Josef Noll,
IPhone SDK and Enterprise Peter Wood. Enterprise Upcoming iPhone support for Microsoft Exchange ActiveSync and industry-standard corporate security measures.

IPhone SDK and Enterprise Peter Wood. Enterprise Upcoming iPhone support for Microsoft Exchange ActiveSync and industry-standard corporate security measures.
Secure Element Access from a Web browser W3C Workshop on Authentication, Hardware Tokens and Beyond 11 September 2014 1 Oberthur Technologies – Identity.

Secure Element Access from a Web browser W3C Workshop on Authentication, Hardware Tokens and Beyond 11 September Oberthur Technologies – Identity.
Identity and Access Management

Identity and Access Management
SIM205. (On-Premises) Storage Servers Networking O/S Middleware Virtualization Data Applications Runtime You manage Infrastructure (as a Service)

SIM205. (On-Premises) Storage Servers Networking O/S Middleware Virtualization Data Applications Runtime You manage Infrastructure (as a Service)
Certificate and Key Storage Tokens and Software

Certificate and Key Storage Tokens and Software
Dr. John P. Abraham Professor UTPA.  Particularly attacks university computers  Primarily originating from Korea, China, India, Japan, Iran and Taiwan.

Dr. John P. Abraham Professor UTPA.  Particularly attacks university computers  Primarily originating from Korea, China, India, Japan, Iran and Taiwan.

Similar presentations

Ads by Google