Uganda investment forum_-_natural_resources_-_keith_winning_-_cbi
2014 IoT Forum_ Fido Alliance
-
date post
21-Oct-2014 -
Category
Technology
-
view
11.653 -
download
2
description
Transcript of 2014 IoT Forum_ Fido Alliance
STRONG AUTHENTICATION & THE CLOUD – FIDO ALLIANCE
RAMESH KESANUPALLI, FOUNDER, NOK NOK LABS FIDO VISIONARY
CONNECTED WORLD
2
Everything Authenticates
50 Billion Connected Devices
(by 20201)
Internet of Things
Mobile Payments
Books
60 Billion Apps downloaded
(Apple App Store, Oct 20132)
Personalized content
M-Commerce
Music
Cloud Services
Social networks Financial services Medical records
Connected Devices Hub
RAMPANT ONLINE ATTACKS
3
• Major hacks have been targeted at password databases within Online Gaming, Financial Services, Social Media organizations
• Password Re-use is a
significant problem – technical analysis of data breaches have shown that 76% of passwords used across multiple sites.
IDENTITY AND AUTHENTICATION LANDSCAPE • 99% OF ONLINE ATTACKS AND IDENTITY THEFT ARE CONNECTED TO
PASSWORD THEFT • CURRENT TWO FACTOR SOLUTIONS RIDE ON TOP OF PASSWORDS AND
ARE: • EXPENSIVE • COMPLEX • DO NOT SCALE • PROPRIETARY • TO COMPLICATED TO DEPLOY OR SWITCH
• NO SCALABLE CONSUMER AUTHENTICATION SOLUTION • HIGHER SECURITY TODAY REQUIRES MORE TRANSACTION FRICTION
ACCOUNT NAME AND PASSWORDS DO NOT WORK ON MOBILE DEVICES CLOUD SERVICES NEED STRONG AUTHENTICATION TO MITIGATE RISKS
Authentication is KEY - whether it is User to Device, User to Service, Device to Device, Device to Service
TODAY’S AUTHENTICATION SOLUTIONS FALL SHORT
5
Easy but
WEAK
DIFFICULT but
Strong
Easy to Use AND
Strong
Desired !!
COMMON AUTHENTICATION PLUMBING
6
Users
Cloud/Enterprise
Devices
Federation
Open Standard Plug-In Approach
Interoperable Ecosystem
Usable Authentication
WHAT IS NEEDED
7
MICHAEL BARRETT
FORMER CHIEF INFORMATION SECURITY OFFICER
RAMESH KESANUPALLI
FORMER CTO
TAHER ELGAMAL
INVENTOR OF SSL
CURRENTLY FOUNDER, CHIEF ALLIANCES OFFICER AND FIDO VISIONARY
CURRENTLY CTO SECURITY
CURRENTLY BOARD MEMBER
VISIONARIES
PHIL DUNKELBERGER
FORMER CEO
CURRENTLY PRESIDENT AND CEO
8
INDUSTRY COOPERATION REQUIRED NO ONE COMPANY CAN FIX THE PROBLEM
15 MONTHS AGO
PUBLIC LAUNCH
FIDO’S EXPLOSIVE GROWTH
9
Industry Standard
Feb 2013 May 2014 Next
6 118
Companies Companies
Public Launch
Public Review Spec
Companies
10
THE FIDO ALLIANCE AND NOK NOK LABS
11
Standards Products
Industry Standard Protocol
“FIDO Ready™”
FIRST FIDO Ready™ Server and Client Software:
NNL S3 Suite
Key Industry Partnerships
FIDO - UNIQUE APPROACH Any Device. Any Application. Any Authenticator.
12
Standardized Protocols
Local authentication unlocks app specific key
Key used to authenticate to server
MORE SECURE AUTHENTICATION
13
Unique Cryptographic Secrets
Feature Security Benefit
Unique key per user/device/site Segmentation of risk
High-entropy asymmetric keys instead of passwords
Protection against dictionary, brute force attacks
Secrets not exposed to user Protection against phishing, key logging, shoulder surfing
User Account Device Site
FUTURE PROOF
14
Standardized Protocol
Plugin any authentication method on device
? Decouple Method <-> Protocol Standardize Protocol
1 2
Authentication clients for any device
Single Infrastructure
REDUCED COST & COMPLEXITY
15
Any Device Risk Appropriate
Lower Cost & Complexity
USABILITY & DIVERSITY
16
Usability Usage
• No passwords • Existing devices • Flexible authentication
• Engagement • Completed transactions • Security compliance
Drives
Aspirational Goal
FIDO SOLUTIONS DEMONSTRATED AT INDUSTRY EVENTS
SIM as Secure Element
Fingerprint, TEE, Mobile
Speaker Recogni<on
Mobile via NFC
PIN + MicroSD
USB
FIDO-READYTM PRODUCTS SHIPPING TODAY
OEM Enabled: Lenovo ThinkPads with Fingerprint Sensors
OEM Enabled: Samsung Galaxy S5
Clients available for these opera<ng systems:
SoNware Authen<cator Examples: Speaker/Face recogni<on, PIN, QR Code, etc.
ANermarket Hardware Authen<cator Examples: USB fingerprint scanner, MicroSD Secure Element
CALL TO ACTION • AUTHENTICATION IS A FUNDAMENTAL PROBLEM AND IT IS AN
INDUSTRY PROBLEM • NO ONE COMPANY CAN FIX THIS PROBLEM, JOIN THE FIDO
ALLIANCE & HELP FIX IT TOGETHER • OPPORTUNITY TO CREATE NEW SERVICES, NEW MARKETS, NEW
INNOVATIONS, NEW BUSINESSES AND NEW REVENUE MODELS • TAKE THE LEADERSHIP, INCLUDE FIDO SUPPORT AT THE
SOURCE ON YOUR DEVICES • FIDO READY TM COMMERCIAL PRODUCTS ARE AVAILABLE IN THE
MARKET
• MAKE THE CONNECTED WORLD SECURE, PRIVATE, FRAUD FREE , EASY TO USE AND STAY CONNECTED
19