Digital identity trust & confidence
![Page 1: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/1.jpg)
Sylvain Maret
Workshop of the SATW ICT Commission
20-21 May 2010, Parkhotel Schloss Münchenwiler
How can you effectively protect your digital identity (or identities) on Web 2.0?
Digital Identity, Trust & Confidence
![Page 2: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/2.jpg)
Digital identity (identities)
![Page 3: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/3.jpg)
http://www.fidis.net/fileadmin/fidis/deliverables/fidis-wp2-del2.13_Virtual_Persons_v1.0.pdf
Authentication Link
![Page 4: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/4.jpg)
Reality or fiction?
![Page 5: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/5.jpg)
The threats…
![Page 6: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/6.jpg)
Impact?
![Page 7: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/7.jpg)
Reality!
![Page 8: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/8.jpg)
And what if yours were among them?
![Page 9: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/9.jpg)
Strong authentication
![Page 10: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/10.jpg)
![Page 11: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/11.jpg)
The cornerstone
![Page 12: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/12.jpg)
Which to choose?
![Page 13: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/13.jpg)
OTP / PKI (HW) / Biometrics
Strong authentication
Encryption
Digital signature
Non-repudiation
Strong link to the user
*
* Fingerprint-type biometrics
![Page 14: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/14.jpg)
Process
Human
Trends 2010
![Page 15: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/15.jpg)
OTP Software SmartPhone
OTP for iPhone: lessons from the field
Software OTP for the iPhone
Mobile One Time Passwords
![Page 16: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/16.jpg)
OTP via SMS
Enter OTP
![Page 17: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/17.jpg)
OTP with a USB authenticator
![Page 18: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/18.jpg)
PKI: X.509 digital certificate
Software Certificate Hardware Certificate
![Page 19: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/19.jpg)
Internet passport
![Page 20: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/20.jpg)
Biometrics: Match on Card
Lessons learned from deploying biometrics at large scale
![Page 21: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/21.jpg)
The biometric authentication login screen
![Page 22: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/22.jpg)
Technology accessible to everyone
Standards
Open Authentication (OATH)
OATH authentication algorithms
HOTP (HMAC Event Based)
OCRA (Challenge/Response)
TOTP (Time Based)
OATH Token Identifier Specification
Open source solution
Mobile One Time Passwords: strong, two-factor authentication with mobile phones
![Page 23: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/23.jpg)
SAML vs OpenID ?
![Page 24: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/24.jpg)
![Page 25: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/25.jpg)
> Internet SingleSignOn
> Relatively Simple Protocol
> User-Centric Identity Management
> Internet Scalable
> Free Choice of Identity Provider
> No License Fee
> Independent of Identification Methods
> Non-Profit Organization
![Page 26: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/26.jpg)
Surprise! You may already have an OpenID !
![Page 27: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/27.jpg)
Other Well Known & Simple Providers
http://en.wikipedia.org/wiki/List_of_OpenID_providers
![Page 28: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/28.jpg)
![Page 29: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/29.jpg)
&
![Page 30: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/30.jpg)
![Page 31: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/31.jpg)
Emergence of a legal entity?
![Page 32: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/32.jpg)
Who am I?
Security expert
15 years of experience in information systems security
CEO and founder of MARET Consulting
Expert at Ecole d’Ingénieurs d’Yverdon & Université de Genève
Delegate for Romandie of OpenID Switzerland
Co-founder of the Geneva Application Security Forum
Author of the blog: la Citadelle Electronique
Area of expertise: Digital Identity Security
![Page 33: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/33.jpg)
Some links to explore the subject further
MARET Consulting: http://maret-consulting.ch/
La Citadelle Electronique (the blog on digital identities): http://www.citadelle-electronique.net/
Articles in Banque et Finance:
Usurper une identité? Impossible avec la biométrie! http://www.banque-finance.ch/numeros/88/59.pdf
Biométrie et Mobilité http://www.banque-finance.ch/numeros/97/62.pdf
Public presentations:
OSSIR Paris 2009: Retour d'expérience sur le déploiement de biométrie à grande échelle http://www.ossir.org/paris/supports/2009/2009-10-13/Sylvain_Maret_Biometrie.pdf
ISACA, Clusis: Accès à l’information : Rôles et responsabilités http://blog.b3b.ch/wp-content/uploads/mise-en-oeuvre-de28099une-solution-biometrique-de28099authentification-forte.pdf
![Page 34: Digital identity trust & confidence](https://reader036.fdocuments.us/reader036/viewer/2022081420/555a0887d8b42aa8098b53ce/html5/thumbnails/34.jpg)