the state of authentication
play

THE STATE OF AUTHENTICATION Chad Spensky Allthenticate OUTLINE - PowerPoint PPT Presentation

Mar 08, 2024 •97 likes •453 views

THE STATE OF AUTHENTICATION Chad Spensky Allthenticate OUTLINE Who am I? Authentication overview Current state of Authentication The future of authentication MY JOURNEY 2012-2015 2004-2011 2015-Present 1998-2004 Staff at MIT

  1. THE STATE OF AUTHENTICATION Chad Spensky Allthenticate

  2. OUTLINE • Who am I? • Authentication overview • Current state of Authentication • The future of authentication

  3. MY JOURNEY 2012-2015 2004-2011 2015-Present 1998-2004 Staff at MIT LL Internet Pirate Offensive Security Console Modder B.S. in CS & Math Ph.D. CS (Security) M.S. in CS (Authentication) Founder of Allthenticate

  4. THE PROBLEM Everyone should not have access to everything.

  5. AUTHENTICATION Only permitting authorized users to access a resource Chad

  6. AUTHENTICATION Real World Digital World

  7. AUTHENTICATION • What you know • What you have • What you are

  8. PASSWORDS More than 15 usernames More than 150 saved passwords cspensky@ucsb.edu ******* Dedicated apps ******* ******* ******* cspensky@gmail.com ******* ******* ******* ******* ******* cspensky@mit.edu ******* ******* ******* ******* ******* ******* ******* ******* chad@allthenticate.net ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* cspensky@cs.ucsb.edu ******* ******* ******* ******* ******* ******* ******* chad@cspensky.info ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* cspensky@unc.edu ******* ******* ******* ******* ******* ******* ******* ******* ******* cspensky@alumni.pitt.edu ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* chad.spensky@ll.mit.edu ******* ******* ******* ******* ******* ******* cspensky@comcast.net ******* ******* ******* ******* ******* cspensky@alumni.unc.edu ******* ******* Today

  9. HARDWARE TOKENS Smartphone Second Factor Hardware Credential Portable Computer Employee

  10. BIOMETRICS Fingerprint Voice Recognition FaceID

  11. AUTHENTICATION IMPLEMENTATIONS

  12. HOW PASSWORDS WORK Chad1 Chad1 Secure Hash Function Chad1 ac18753fe31 Encrypted Tunnel Keyboard Entry Hash saved

  13. HOW PASSWORDS FAIL Chad1 Chad1 Secure Hash Function Chad1 ac18753fe31 Encrypted Tunnel Keyboard Entry Hash saved

  14. https://xkcd.com/538/

  15. HOW 2FA WORKS Chad1 Chad1 Secure Hash Function 1234 Chad1 ac18753fe31 1234 1234

  16. HOW 2FA FAILS Chad1 Chad1 Secure Hash Function 1234 Chad1 ac18753fe31 1234 1234

  17. HOW 2FA WORKS (BETTER SOLUTION) Chad1 Secure Hash Function Chad1 ac18753fe31 Challenge Response

  18. https://www.techspot.com/news/78292-new-reverse-proxy-tool-posted-github-can-easily.html

  19. HOW TOKENS WORK Request Token Required Challenge Response

  20. HOW TOKENS FAIL Request Token Required Challenge Response

  21. https://nakedsecurity.sophos.com/2019/06/17/yubico-recalls-fips-yubikey-tokens-after-flaw-found/

  22. HOW BIOMETRICS WORK Request Biometric Required Challenge Do X? Signed Response Yes

  23. HOW BIOMETRICS WORK Request Biometric Required Challenge Do X? Signed Response Yes

  24. http://news.bbc.co.uk/2/hi/asia-pacific/4396831.stm

  25. SECURITY VS USABILITY VS COST

  26. FINDING THE RIGHT FIT Value of Asset Security

  27. FINDING THE RIGHT FIT User Burden Security

  28. FINDING THE RIGHT FIT ******* User Burden Security

  29. FINDING THE RIGHT FIT Implementation Cost Security

  30. FINDING THE RIGHT FIT Implementation Cost ******* Security

  31. THE PROBLEM There are too many options

  32. WE NEED FLEXIBILITY

  33. WE NEED FLEXIBILITY *******

  34. MORE SECURITY. LESS BURDEN. chad@allthenticate.net www.allthenticate.net

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is

AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is

SECURITY TOPICS PART 2 AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is who they say they are and therefore permitted to access the requested resources: getting entrance to a computer lab

833 views • 44 slides
HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the

HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the

HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the process of verifying the identity of the communicating principals to one another Usually sub-divided into Entity authentication Authentication

288 views • 10 slides
Authentication Most technical security safeguards have Authentication authentication as a

Authentication Most technical security safeguards have Authentication authentication as a

Authentication Most technical security safeguards have Authentication authentication as a precondition How to authenticate: Something you know Password, Secrets Something you have Smart Card, Token Something you are Biometrie

607 views • 4 slides
Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication

Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication

Cryptography Authentication and Data Integrity Aims of Authentication Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication with Hash Cryptography Functions Authentication with MACs School of

613 views • 27 slides
Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication

Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication

Cryptography Authentication and Data Integrity Aims of Authentication Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication with Hash Cryptography Functions Authentication with MACs School of

1.66k views • 27 slides
A2: Broken Authentication and Session Management But first Authentication, Authorization,

A2: Broken Authentication and Session Management But first Authentication, Authorization,

A2: Broken Authentication and Session Management But first Authentication, Authorization, Sessions Authentication Determining user identity Multiple ways What you know (password) What you have (phone, RSA SecureID, Yubikey)

1.57k views • 28 slides
Web Authentication Thierry Sans Several Methods Local authentication with login and password

Web Authentication Thierry Sans Several Methods Local authentication with login and password

Web Authentication Thierry Sans Several Methods Local authentication with login and password Token-based authentication Third party authentication Local Authentication How to store and verify password? Clear Data can be hacked

615 views • 14 slides
The Authentication Jungle An overview of all sorts of authentication technologies Karol Babioch

The Authentication Jungle An overview of all sorts of authentication technologies Karol Babioch

The Authentication Jungle An overview of all sorts of authentication technologies Karol Babioch Security Engineer kbabioch@suse.de New authentication standards ... 2 Some authentication technologies ... 3 - Authentication theory -

1.28k views • 88 slides
Outline Introduction Authentication Basic authentication mechanisms CS 239

Outline Introduction Authentication Basic authentication mechanisms CS 239

Outline Introduction Authentication Basic authentication mechanisms CS 239 Authentication on a single machine Computer Security Authentication across a network February 21, 2007 Lecture 9 Lecture 9 Page 1 Page 2 CS 236,

302 views • 8 slides
I know who you are, but you can't come in Authentication and single sign-on in the SAS platform

I know who you are, but you can't come in Authentication and single sign-on in the SAS platform

I know who you are, but you can't come in Authentication and single sign-on in the SAS platform Agenda Authentication Inbound authentication Outbound authentication Single Sign-on Definitions Stage Process Method Physical

781 views • 48 slides
HOST PUF-Based Authentication ECE 525 PUF-Based Authentication PUF-based protocols have been

HOST PUF-Based Authentication ECE 525 PUF-Based Authentication PUF-based protocols have been

HOST PUF-Based Authentication ECE 525 PUF-Based Authentication PUF-based protocols have been proposed for applications including: Encryption and authentication For detecting malicious alterations of design components For

645 views • 15 slides
1 Password-Based Authentication Node A has a secret ( password ): e.g., lisa To

1 Password-Based Authentication Node A has a secret ( password ): e.g., lisa To

Authentication Protocols Guevara Noubir College of Computer and Information Science Northeastern University noubir@ccs.neu.edu Outline Overview of Authentication Systems [Chapter 9] Authentication of People [Chapter 10]

396 views • 17 slides
User Authentication Passport Jason Situ Passport What is it? Passport is authentication

User Authentication Passport Jason Situ Passport What is it? Passport is authentication

User Authentication Passport Jason Situ Passport What is it? Passport is authentication middleware for Node. It is designed to serve a singular purpose: authenticate requests. Supports a comprehensive set of authentication mechanisms called

808 views • 16 slides
Authentication: Beyond Passwords Prof. Tom Austin San Jos State University Biometrics

Authentication: Beyond Passwords Prof. Tom Austin San Jos State University Biometrics

CS 166: Information Security Authentication: Beyond Passwords Prof. Tom Austin San Jos State University Biometrics Something You Are Biometric You are your key Schneier Examples Fingerprint Are Handwritten

800 views • 32 slides
Simple Authentication Protocols Prof. Tom Austin San Jos State University What is a

Simple Authentication Protocols Prof. Tom Austin San Jos State University What is a

CS 166: Information Security Simple Authentication Protocols Prof. Tom Austin San Jos State University What is a Protocol? Rules for interaction, which can include: Human protocols e.g. raise your hand to ask a question

795 views • 76 slides
Authentication, vulnerabilities, exploits, and the secure design principles of Saltzer and

Authentication, vulnerabilities, exploits, and the secure design principles of Saltzer and

Authentication, vulnerabilities, exploits, and the secure design principles of Saltzer and Schroeder Authentication in general Bishop: Authentication is the binding of an identity to a principal. Network-based authentication mechanisms

1.6k views • 43 slides
Path Calculation and Setup Sources: MPLS Forum V. Alwayn, Advanced MPLS Design and Implementation

Path Calculation and Setup Sources: MPLS Forum V. Alwayn, Advanced MPLS Design and Implementation

Path Calculation and Setup Sources: MPLS Forum V. Alwayn, Advanced MPLS Design and Implementation , Cisco Press E. W. Gray, MPLS Implementing the Technology , Addison Wesley B. Davie and Y. Rekhter, MPLS Technology and Applications , Morgan

848 views • 60 slides
Roaming Real-Time Applications Mobility Services in IPv6 Networks Thomas C. Schmidt, Matthias

Roaming Real-Time Applications Mobility Services in IPv6 Networks Thomas C. Schmidt, Matthias

Roaming Real-Time Applications Mobility Services in IPv6 Networks Thomas C. Schmidt, Matthias Whlisch, {schmidt, mw}@fhtw-berlin.de FH fr Technik und Wirtschaft Berlin VCoIP in Praxis VCoIP in Praxis VCoIP in Praxis VCoIP in Praxis

440 views • 30 slides
Security Tunneling Cyber Security Spring 2010 Reading Material IPSec overview Chapter

Security Tunneling Cyber Security Spring 2010 Reading Material IPSec overview Chapter

Security Tunneling Cyber Security Spring 2010 Reading Material IPSec overview Chapter 6 Network Security Essentials, William Stallings SSH RFCs 4251, 4252, 4253 SSL/TLS overview Slide material from Bishop

1.55k views • 69 slides
A tunnel discovery and A tunnel discovery and monitoring overview monitoring overview Ryszard

A tunnel discovery and A tunnel discovery and monitoring overview monitoring overview Ryszard

A tunnel discovery and A tunnel discovery and monitoring overview monitoring overview Ryszard Jurga CERN openlab Agenda Agenda What is the tunnel? The tunnel discovery The tunnel monitoring Conclusions What is the tunnel?

476 views • 14 slides
IPv6 IP Version 6 to the Rescue Effort started by the IETF in 1994 Much larger addresses

IPv6 IP Version 6 to the Rescue Effort started by the IETF in 1994 Much larger addresses

IPv6 IP Version 6 to the Rescue Effort started by the IETF in 1994 Much larger addresses (128 bits) Many sundry improvements Became an IETF standard in 1998 Nothing much happened for a decade Hampered by deployment issues,

504 views • 39 slides
Mobile Routing Goal is to allow a host to be disconnected from one network and connected to

Mobile Routing Goal is to allow a host to be disconnected from one network and connected to

Mobile Routing Goal is to allow a host to be disconnected from one network and connected to another With normal IP addresses, host would either become unreachable, or it would need to get a new IP address somehow (DHCP, manual

226 views • 10 slides
Networked Embedded Software: Introduction Luca Mottola Politecnico di Milano, Italy and SICS

Networked Embedded Software: Introduction Luca Mottola Politecnico di Milano, Italy and SICS

Networked Embedded Software: Introduction Luca Mottola Politecnico di Milano, Italy and SICS Swedish ICT ( home.deib.polimi.it/mottola ) Who am I? Whats the course about? Networked Embedded Software Software that powers networked embedded

530 views • 35 slides
New Developments in Trenchless Technologies Wide range of technologies suitable for different

New Developments in Trenchless Technologies Wide range of technologies suitable for different

New Developments in Trenchless Technologies Wide range of technologies suitable for different installation lengths, diameters, materials, or specific requirements (like accuracy) Direct Pipe & Intersect drills Variants on

626 views • 9 slides

More recommend