Identity Systems



Jim Fenton
“Defining identity is like nailing Jell-O® to the wall.”
– Source Uncertain

Fenton 091120   © 2009 Cisco Systems, Inc. All rights reserved.   Cisco Public   2
Terminology

  Subject
            The person (usually) whose identity is involved
            Sometimes called the User

  Relying Party
            The entity the Subject is interacting with
            Sometimes called the Service Provider

  Attribute
            A piece of information about the Subject
            Sometimes called a Claim




A Basic Identity System

  [Diagram: Identity Provider in the centre; Relying Parties on the right: Government, Commerce, Social Media; labelled flow: Authentication Request (between Relying Parties and Identity Provider)]

A Basic Identity System

  [Diagram: User on the left, Identity Provider in the centre, Relying Parties (Government, Commerce, Social Media) on the right; labelled flows: Authentication (between User and Identity Provider), User Credentials (between Identity Provider and Relying Parties)]

A Basic Identity System

  [Diagram: User on the left, Identity Provider in the centre, Relying Parties (Government, Commerce, Social Media) on the right; labelled flows: Authorize Info Release (between User and Identity Provider), Attribute Request/Response (between Identity Provider and Relying Parties)]

Elements of Identity Management

  Authentication
            Establish who the Subject is

  Credential Management
            Prove to Relying Parties who the Subject is

  Attribute Management
            Provide information about the Subject

User Trust

  User trust in their Identity Provider is fundamental
            Not all users trust any one entity
            Most likely to trust entities they do business with and strong, trusted brands
            Different trusted entities in different cultures

  An ecosystem of identity providers is required
            Users need to choose their own identity provider
            Need to consider ability to migrate to a different provider if required

Authentication



Authentication Methods

  Methods useful for user authentication are situation-specific
            Type of endpoint being used
            Required authentication strength (transaction value, etc.)
  Problem: Many existing identity systems are bound tightly to specific authentication methods

Authentication Strength

  Authentication strength should depend on transaction value
            iTunes purchase (99 cents) vs. vehicle purchase

  NIST Special Pub 800-63 defines 4 levels:
            Level 1: Minimal challenge/response
            Level 2: Single-factor identity proofing
            Level 3: Multi-factor identity proofing
            Level 4: Hardened multi-factor

  Relying party specifies the required strength to the identity management system

Authentication Endpoint Diversity

  The Web is pervasive, but not everything is a browser
  Examples
            Vending Machines
            Set-top boxes
            Doors (physical security)
  Modular approaches to authentication needed to consider a wide range of use cases

Security Opportunities

  Users that authenticate frequently at a given service are more likely to detect anomalies
            More likely to be suspicious about, for example, lack of a certificate
            Browsers can be configured to specially flag “chosen” identity providers

  Identity providers can detect anomalous user behavior
            Similar to detection of fraudulent credit card transactions
            Business/policy framework should encourage this

Credential Management

Credential Management: Functions

  Act as a “key cabinet” for the user
            Each relying party has its own credentials

  Support Directed Identity
            Prevent undesired release of correlation handles
            Identifiers to Relying Parties are opaque by default

  Enforce secure use of credentials
            Require use of secure channel (e.g., SSL)




Directed Identity

  It should not necessarily be possible for different Relying Parties to correlate identifiers
            Insurance company vs. supermarket account
            Pseudonymous identifiers for tip hotlines
  Users may still choose to link relying parties’ identifiers
  Attributes may also provide correlation handles
  Credential manager can be subpoenaed if appropriate
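Directed identity worked as an added Go example (not code from the deck): a credential manager derives the identifier it presents to each relying party as HMAC-SHA256 over the subject's internal id and the relying party's id, under a secret it never releases, so an insurer and a supermarket receive unrelated handles unless the Subject explicitly links them. The derivation scheme and the names CredentialManager, DirectedIdentifier, Link and Unlink are assumptions for this example.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
)

// CredentialManager derives the identifier a Subject presents to each relying party.
// Derivation scheme (an assumption for this example, not the deck's): HMAC-SHA256, keyed
// with a secret the manager never discloses, over the subject's internal id and the RP's id.
type CredentialManager struct {
	secret []byte
	links  map[[2]string]string // {subject, rp} -> rp whose identifier the Subject chose to reuse
}

func NewCredentialManager(secret []byte) *CredentialManager {
	return &CredentialManager{secret: secret, links: map[[2]string]string{}}
}

// DirectedIdentifier returns the opaque, stable identifier for (subject, rp). Different RPs
// receive unrelated values, so they cannot correlate the Subject unless the Subject linked them.
func (cm *CredentialManager) DirectedIdentifier(subjectID, rpID string) string {
	// Follow user-authorized links; the bound keeps a cycle of links from hanging the lookup.
	for i := 0; i < 8; i++ {
		target, ok := cm.links[[2]string{subjectID, rpID}]
		if !ok {
			break
		}
		rpID = target
	}
	mac := hmac.New(sha256.New, cm.secret)
	mac.Write([]byte(subjectID))
	mac.Write([]byte{0}) // separator: "ab"+"c" and "a"+"bc" must not collide
	mac.Write([]byte(rpID))
	return base64.RawURLEncoding.EncodeToString(mac.Sum(nil))
}

// Link records the Subject's explicit choice to present the same identifier to rpB as to rpA.
func (cm *CredentialManager) Link(subjectID, rpA, rpB string) {
	cm.links[[2]string{subjectID, rpB}] = rpA
}

// Unlink withdraws that choice for future presentations: rpB goes back to its own unrelated
// identifier (what rpB has already stored cannot be recalled).
func (cm *CredentialManager) Unlink(subjectID, rpB string) {
	delete(cm.links, [2]string{subjectID, rpB})
}
```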



Security and Availability Issues

  Security
            The credential store is a very high-value target
            Credentials can be distributed to diffuse attack
            High-level physical security is also required

  Availability
            Failure of an Identity Manager may have severe impact on its Subjects
            Solvable problem, but needs to be addressed

Attribute Management

Distributed Attributes

  Self-asserted attributes have limited utility
  Authoritative sources for different attributes come from different places
            FICO scores from a credit bureau
            Driving record from state Motor Vehicle Department
            Proof of employment from employer
  Identity system has a role in locating trustable sources of attributes
  Attributes delivered as signed assertions

Attribute Distribution: Example

  [Diagram sequence over four slides. Parties: Identity Provider (centre), Wine Merchant (right), Motor Vehicle Department (lower right), Healthcare Provider (upper right); the Subject's side is on the left.]
            Step 1: “Is subject 21?” Request (between Wine Merchant and Identity Provider); Authorization Request (toward the Subject)
            Step 2: Release Authorization (from the Subject); Trust Negotiation (between Identity Provider and Wine Merchant)
            Step 3: “Is subject 21?” Request (between Identity Provider and Motor Vehicle Department)
            Step 4: “Subject is 21 or over” – DMV (shown beside the Wine Merchant)

Attribute Trust

  Federation: Prearranged trust relationships
            Personnel Security Clearances among Federal agencies
            Business partners

  Accreditation: Indirect federation
            Financial institutions, schools
            Scales much better than direct federation
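The attribute exchange in the example above (“Is subject 21?” answered by “Subject is 21 or over” from the DMV) together with the two trust models on this slide, worked as an added Go example that is not part of Fenton's deck. It assumes a JSON assertion with iss/sub/aud/min_age/value/exp fields, Ed25519 signatures, and an Endorsement object by which an accreditor vouches for a provider's key; names such as dmv.example and wine.example are constructed. The relying party trusts a provider either through a prearranged key (federation) or through an endorsement from an accreditor it trusts (accreditation), and the provider answers only the predicate asked, never the birth date.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"time"
)

// Signed is a JSON payload plus an Ed25519 signature over exactly those bytes.
type Signed struct{ Payload, Sig []byte }

func sign(priv ed25519.PrivateKey, v interface{}) Signed {
	payload, _ := json.Marshal(v) // only the plain structs below are marshalled; cannot fail
	return Signed{payload, ed25519.Sign(priv, payload)}
}

// AttributeAssertion is a provider's signed answer to one question (field names and layout
// are assumptions for this example, not a format the deck defines).
type AttributeAssertion struct {
	Issuer   string `json:"iss"`     // e.g. the DMV
	Subject  string `json:"sub"`     // identifier the Subject uses at the relying party
	Audience string `json:"aud"`     // relying party the answer is meant for
	MinAge   int    `json:"min_age"` // the predicate asked: is the subject at least this old?
	Value    bool   `json:"value"`   // yes/no only; the birth date itself is never released
	Expires  int64  `json:"exp"`     // Unix seconds
}

// Endorsement is an accreditor's signed statement that a provider's key is authoritative.
type Endorsement struct {
	Accreditor string `json:"accreditor"`
	Provider   string `json:"provider"`
	Key        []byte `json:"key"`
}

// AttributeProvider is an authoritative source such as the Motor Vehicle Department.
type AttributeProvider struct {
	Name  string
	Pub   ed25519.PublicKey
	Priv  ed25519.PrivateKey
	Birth map[string]time.Time // subject identifier -> date of birth (constructed records)
}

// AnswerAgePredicate answers "is the subject at least minAge?" with a signed yes/no.
func (p *AttributeProvider) AnswerAgePredicate(subject, audience string, minAge int, now time.Time) (Signed, error) {
	dob, ok := p.Birth[subject]
	if !ok {
		return Signed{}, errors.New("unknown subject")
	}
	return sign(p.Priv, AttributeAssertion{
		Issuer: p.Name, Subject: subject, Audience: audience, MinAge: minAge,
		Value:   !dob.AddDate(minAge, 0, 0).After(now), // true once the minAge-th birthday has passed
		Expires: now.Add(5 * time.Minute).Unix(),
	}), nil
}

// Endorse lets an accreditor vouch for a provider's key (the deck's "indirect federation").
func Endorse(accreditor string, accPriv ed25519.PrivateKey, p *AttributeProvider) Signed {
	return sign(accPriv, Endorsement{Accreditor: accreditor, Provider: p.Name, Key: p.Pub})
}

// RelyingParty (the wine merchant) trusts a provider either directly (federation) or
// because an accreditor it trusts has endorsed the provider's key (accreditation).
type RelyingParty struct {
	Name        string
	Federated   map[string]ed25519.PublicKey // provider name -> prearranged key
	Accreditors map[string]ed25519.PublicKey // accreditor name -> key
}

// Verify resolves the issuer's key (federation first, else the presented endorsement), then
// checks signature, audience, subject, predicate and expiry and returns the asserted answer.
func (rp *RelyingParty) Verify(s Signed, end *Signed, subject string, minAge int, now time.Time) (bool, error) {
	var a AttributeAssertion
	if err := json.Unmarshal(s.Payload, &a); err != nil {
		return false, err
	}
	key, federated := rp.Federated[a.Issuer]
	if !federated {
		var e Endorsement
		if end == nil || json.Unmarshal(end.Payload, &e) != nil {
			return false, errors.New("issuer not federated and no usable endorsement presented")
		}
		ak, ok := rp.Accreditors[e.Accreditor]
		if !ok || !ed25519.Verify(ak, end.Payload, end.Sig) || e.Provider != a.Issuer {
			return false, errors.New("endorsement not from a trusted accreditor for this issuer")
		}
		key = ed25519.PublicKey(e.Key)
	}
	switch {
	case len(key) != ed25519.PublicKeySize || !ed25519.Verify(key, s.Payload, s.Sig):
		return false, errors.New("bad assertion signature")
	case a.Audience != rp.Name || a.Subject != subject || a.MinAge != minAge:
		return false, errors.New("assertion is for another relying party, subject or question")
	case a.Expires < now.Unix():
		return false, errors.New("assertion expired")
	}
	return a.Value, nil
}
```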




Identity Provider Trust

  Identity Provider has a fiduciary responsibility
  To the Subject:
            Must use credentials only for the proper Subject

  To Relying Parties:
            Must associate attribute requests and responses reliably

  Identity Provider may coincidentally function as an Attribute Provider
            Functions should be considered separate to maintain privacy

Summary




Observations

  Scaling is critical
            Technical (protocol) aspects of scaling are a solved problem
            Scaling of trust relationships is the real limitation

  Chosen technologies need to consider a very wide range of use cases
  An ecosystem of identity and attribute providers is needed
            Need business models for these functions
            Public policy should encourage constructive behavior and help these entities manage liability exposure
 
SmartCard Forum 2010 - Enterprise authentication
SmartCard Forum 2010 - Enterprise authenticationSmartCard Forum 2010 - Enterprise authentication
SmartCard Forum 2010 - Enterprise authentication
 
Symantec Enterprise Mobility Vision May 2012
Symantec Enterprise Mobility Vision May 2012Symantec Enterprise Mobility Vision May 2012
Symantec Enterprise Mobility Vision May 2012
 
Secure and Scale Your Virtual Infrastructure While Meeting Compliance Mandates
Secure and Scale Your Virtual Infrastructure While Meeting Compliance MandatesSecure and Scale Your Virtual Infrastructure While Meeting Compliance Mandates
Secure and Scale Your Virtual Infrastructure While Meeting Compliance Mandates
 
Securing Your Cloud Applications with Novell Cloud Security Service
Securing Your Cloud Applications with Novell Cloud Security ServiceSecuring Your Cloud Applications with Novell Cloud Security Service
Securing Your Cloud Applications with Novell Cloud Security Service
 
Smart Cards & Devices Forum 2012 - Securing Cloud Computing
Smart Cards & Devices Forum 2012 - Securing Cloud ComputingSmart Cards & Devices Forum 2012 - Securing Cloud Computing
Smart Cards & Devices Forum 2012 - Securing Cloud Computing
 
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...
 

Mehr von Jim Fenton

REQUIRETLS: Sender Control of TLS Requirements
REQUIRETLS: Sender Control of TLS RequirementsREQUIRETLS: Sender Control of TLS Requirements
REQUIRETLS: Sender Control of TLS RequirementsJim Fenton
 
User Authentication: Passwords and Beyond
User Authentication: Passwords and BeyondUser Authentication: Passwords and Beyond
User Authentication: Passwords and BeyondJim Fenton
 
User Authentication Overview
User Authentication OverviewUser Authentication Overview
User Authentication OverviewJim Fenton
 
Making User Authentication More Usable
Making User Authentication More UsableMaking User Authentication More Usable
Making User Authentication More UsableJim Fenton
 
Toward Better Password Requirements
Toward Better Password RequirementsToward Better Password Requirements
Toward Better Password RequirementsJim Fenton
 
Security Questions Considered Harmful
Security Questions Considered HarmfulSecurity Questions Considered Harmful
Security Questions Considered HarmfulJim Fenton
 
LOA Alternatives - A Modest Proposal
LOA Alternatives - A Modest ProposalLOA Alternatives - A Modest Proposal
LOA Alternatives - A Modest ProposalJim Fenton
 
IgnitePII2014 Nōtifs
IgnitePII2014 NōtifsIgnitePII2014 Nōtifs
IgnitePII2014 NōtifsJim Fenton
 
iBeacons: Security and Privacy?
iBeacons: Security and Privacy?iBeacons: Security and Privacy?
iBeacons: Security and Privacy?Jim Fenton
 
OneID Garage Door
OneID Garage DoorOneID Garage Door
OneID Garage DoorJim Fenton
 
Adapting Levels of Assurance for NSTIC
Adapting Levels of Assurance for NSTICAdapting Levels of Assurance for NSTIC
Adapting Levels of Assurance for NSTICJim Fenton
 

Mehr von Jim Fenton (13)

Notifs 2018
Notifs 2018Notifs 2018
Notifs 2018
 
REQUIRETLS: Sender Control of TLS Requirements
REQUIRETLS: Sender Control of TLS RequirementsREQUIRETLS: Sender Control of TLS Requirements
REQUIRETLS: Sender Control of TLS Requirements
 
User Authentication: Passwords and Beyond
User Authentication: Passwords and BeyondUser Authentication: Passwords and Beyond
User Authentication: Passwords and Beyond
 
User Authentication Overview
User Authentication OverviewUser Authentication Overview
User Authentication Overview
 
Making User Authentication More Usable
Making User Authentication More UsableMaking User Authentication More Usable
Making User Authentication More Usable
 
Toward Better Password Requirements
Toward Better Password RequirementsToward Better Password Requirements
Toward Better Password Requirements
 
Security Questions Considered Harmful
Security Questions Considered HarmfulSecurity Questions Considered Harmful
Security Questions Considered Harmful
 
LOA Alternatives - A Modest Proposal
LOA Alternatives - A Modest ProposalLOA Alternatives - A Modest Proposal
LOA Alternatives - A Modest Proposal
 
Notifs update
Notifs updateNotifs update
Notifs update
 
IgnitePII2014 Nōtifs
IgnitePII2014 NōtifsIgnitePII2014 Nōtifs
IgnitePII2014 Nōtifs
 
iBeacons: Security and Privacy?
iBeacons: Security and Privacy?iBeacons: Security and Privacy?
iBeacons: Security and Privacy?
 
OneID Garage Door
OneID Garage DoorOneID Garage Door
OneID Garage Door
 
Adapting Levels of Assurance for NSTIC
Adapting Levels of Assurance for NSTICAdapting Levels of Assurance for NSTIC
Adapting Levels of Assurance for NSTIC
 

Kürzlich hochgeladen

Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Key Features Of Token Development (1).pptx
Key  Features Of Token  Development (1).pptxKey  Features Of Token  Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 

Kürzlich hochgeladen (20)

Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Key Features Of Token Development (1).pptx
Key  Features Of Token  Development (1).pptxKey  Features Of Token  Development (1).pptx
Key Features Of Token Development (1).pptx
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 

Identity systems

• 2. “Defining identity is like nailing Jell-O® to the wall.” – Source Uncertain
  (Flickr photo by stevendepolo)
  Fenton 091120 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public
• 3. Terminology
  Subject: the person (usually) whose identity is involved; sometimes called the User
  Relying Party: the entity the Subject is interacting with; sometimes called the Service Provider
  Attribute: a piece of information about the Subject; sometimes called a Claim
• 4. A Basic Identity System
  (Diagram) Relying Parties in three sectors, Government, Commerce and Social Media, send an Authentication Request to the Identity Provider.
• 5. A Basic Identity System
  (Diagram) The User presents User Credentials to the Identity Provider: User Authentication.
• 6. A Basic Identity System
  (Diagram) The Identity Provider asks the User to authorize information release, then answers the Relying Party’s Attribute Request with an Attribute Response.
• 7. Elements of Identity Management
  Authentication: establish who the Subject is
  Credential Management: prove to Relying Parties who the Subject is
  Attribute Management: provide information about the Subject
• 8. User Trust
  User trust in their Identity Provider is fundamental
    Not all users trust any one entity
    Most likely to trust entities they do business with and strong, trusted brands
    Different trusted entities in different cultures
  An ecosystem of identity providers is required
    Users need to choose their own identity provider
    Need to consider the ability to migrate to a different provider if required
• 9. Authentication
  (Flickr photo by shannonpatrick17)
• 10. Authentication Methods
  Methods useful for user authentication are situation-specific
    Type of endpoint being used
    Required authentication strength (transaction value, etc.)
  Problem: many existing identity systems are bound tightly to specific authentication methods
• 11. Authentication Strength
  Authentication strength should depend on transaction value
    iTunes purchase (99 cents) vs. vehicle purchase
  NIST Special Publication 800-63 defines 4 levels of assurance:
    Level 1: little or no identity proofing; minimal challenge/response
    Level 2: single-factor authentication, with identity proofing
    Level 3: multi-factor authentication, with identity proofing
    Level 4: hardened multi-factor (hardware cryptographic token)
  Relying party specifies the required strength to the identity management system
  (Note: SP 800-63-3, published in 2017, later split these single levels into separate identity, authenticator and federation assurance levels, IAL/AAL/FAL.)
• 12. Authentication Endpoint Diversity
  The Web is pervasive, but not everything is a browser
  Examples
    Vending machines
    Set-top boxes
    Doors (physical security)
  Modular approaches to authentication are needed to cover a wide range of use cases
• 13. Security Opportunities
  Users that authenticate frequently at a given service are more likely to detect anomalies
    More likely to be suspicious about, for example, the lack of a certificate
    Browsers can be configured to specially flag “chosen” identity providers
  Identity providers can detect anomalous user behavior
    Similar to detection of fraudulent credit card transactions
    Business/policy framework should encourage this
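Worked example added for slide 13 (Go; not part of the original deck): the kind of cross-relying-party detection an Identity Provider can run precisely because it sees every login a Subject makes, which no single Relying Party can. The log line format, the two rules, their thresholds and the sample lines are all constructed for this example and are not any product's format or logic.

```go
package main

import (
	"bufio"
	"fmt"
	"strings"
	"time"
)

// AuthEvent is one successful authentication as recorded by the Identity
// Provider. The IdP sees the Subject's logins across all Relying Parties.
type AuthEvent struct {
	At      time.Time
	Subject string
	RP      string
	Country string
	Device  string
}

// Alert is a flagged event; Kind is "impossible-travel" or "new-device-burst".
type Alert struct {
	Kind, Subject, Detail string
	At                    time.Time
}

// SampleLog is constructed for this example. The line format
// "<RFC3339 time> <subject> rp=<rp> country=<cc> device=<id>" is illustrative.
const SampleLog = `
2009-11-20T09:00:00Z alice rp=https://bank.example country=US device=d1
2009-11-20T09:20:00Z alice rp=https://shop.example country=CN device=d1
2009-11-20T10:00:00Z bob rp=https://bank.example country=US device=d9
2009-11-20T10:01:00Z bob rp=https://shop.example country=US device=d9
2009-11-20T10:02:00Z bob rp=https://mail.example country=US device=d9
2009-11-20T11:00:00Z carol rp=https://bank.example country=DE device=d3
2009-11-20T18:00:00Z carol rp=https://bank.example country=FR device=d3
`

// ParseLog turns the text log into events. Malformed lines are an error rather
// than silently skipped: a skipped line is a blind spot for detection.
func ParseLog(log string) ([]AuthEvent, error) {
	var out []AuthEvent
	sc := bufio.NewScanner(strings.NewReader(log))
	for sc.Scan() {
		f := strings.Fields(sc.Text())
		if len(f) == 0 {
			continue
		}
		if len(f) != 5 {
			return nil, fmt.Errorf("malformed line: %q", sc.Text())
		}
		at, err := time.Parse(time.RFC3339, f[0])
		if err != nil {
			return nil, err
		}
		out = append(out, AuthEvent{
			At: at, Subject: f[1],
			RP:      strings.TrimPrefix(f[2], "rp="),
			Country: strings.TrimPrefix(f[3], "country="),
			Device:  strings.TrimPrefix(f[4], "device="),
		})
	}
	return out, sc.Err()
}

// DetectAnomalies runs two rules over events that are already in time order:
//  1. impossible travel: the same Subject appears in two countries less than
//     minTravel apart;
//  2. new-device burst: a device first seen for this Subject within
//     burstWindow has already reached burstRPs distinct Relying Parties.
// The thresholds are assumptions chosen to fit the sample data.
func DetectAnomalies(events []AuthEvent, minTravel, burstWindow time.Duration, burstRPs int) []Alert {
	var alerts []Alert
	last := map[string]AuthEvent{}      // subject -> previous event
	firstSeen := map[string]time.Time{} // subject|device -> first login
	recent := map[string][]AuthEvent{}  // subject -> events inside burstWindow
	for _, e := range events {
		if p, ok := last[e.Subject]; ok && p.Country != e.Country && e.At.Sub(p.At) < minTravel {
			alerts = append(alerts, Alert{"impossible-travel", e.Subject,
				fmt.Sprintf("%s -> %s in %s", p.Country, e.Country, e.At.Sub(p.At)), e.At})
		}
		key := e.Subject + "|" + e.Device
		if _, ok := firstSeen[key]; !ok {
			firstSeen[key] = e.At
		}
		// Drop events that fell out of the window, then add this one.
		w := recent[e.Subject]
		for len(w) > 0 && e.At.Sub(w[0].At) > burstWindow {
			w = w[1:]
		}
		w = append(w, e)
		recent[e.Subject] = w
		if e.At.Sub(firstSeen[key]) <= burstWindow {
			rps := map[string]bool{}
			for _, x := range w {
				if x.Device == e.Device {
					rps[x.RP] = true
				}
			}
			if len(rps) >= burstRPs {
				alerts = append(alerts, Alert{"new-device-burst", e.Subject,
					fmt.Sprintf("device %s reached %d RPs within %s of first use", e.Device, len(rps), burstWindow), e.At})
			}
		}
		last[e.Subject] = e
	}
	return alerts
}

func main() {
	events, err := ParseLog(SampleLog)
	if err != nil {
		panic(err)
	}
	for _, a := range DetectAnomalies(events, 2*time.Hour, 5*time.Minute, 3) {
		fmt.Printf("%s %-18s %-6s %s\n", a.At.Format(time.RFC3339), a.Kind, a.Subject, a.Detail)
	}
}
```

On the sample data this flags alice (US to CN in 20 minutes) and bob (a never-seen device reaching three RPs in two minutes) and leaves carol alone, since seven hours between Germany and France is ordinary travel. The credit-card analogy on the slide holds in the design too: the rules are only as good as the event stream, so the IdP must record country and device reliably and must treat an unparseable line as an incident, not noise.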
• 14. Credential Management
  (Imagery supplied by Photodisc/Getty Images)
• 15. Credential Management: Functions
  Act as a “key cabinet” for the user
    Each relying party has its own credentials
  Support Directed Identity
    Prevent undesired release of correlation handles
    Identifiers to Relying Parties are opaque by default
  Enforce secure use of credentials
    Require use of a secure channel (e.g., SSL/TLS)
• 16. Directed Identity
  It should not necessarily be possible for different Relying Parties to correlate identifiers
    Insurance company vs. supermarket account
    Pseudonymous identifiers for tip hotlines
  Users may still choose to link relying parties’ identifiers
  Attributes may also provide correlation handles
  Credential manager can be subpoenaed if appropriate
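Added example for slides 15 and 16 (Go; not from the original deck): one way a credential manager can hand each Relying Party an opaque, per-RP identifier, so that the insurance company and the supermarket cannot link their accounts by comparing identifiers. The derivation (a keyed hash over the subject and RP identifiers under a secret only the credential manager holds), the secret and the names are assumptions; it is the same idea as the pairwise subject identifiers later standardized in OpenID Connect, not that specification's suggested algorithm.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// DirectedIdentifier derives the identifier that the credential manager (the
// "key cabinet" of slide 15) gives one Relying Party for one Subject.
// It is keyed, so an RP cannot recompute it for a guessed subject, and it is
// bound to the RP, so two RPs receive unrelated values for the same Subject
// while each RP sees the same value on every visit.
// Assumption: idpSecret is held only by the credential manager and rpID is a
// stable identifier for the RP, such as its origin.
func DirectedIdentifier(idpSecret []byte, subjectID, rpID string) string {
	mac := hmac.New(sha256.New, idpSecret)
	// Length-prefix both fields so that "ab"+"c" and "a"+"bc" cannot collide.
	fmt.Fprintf(mac, "%d:%s|%d:%s", len(subjectID), subjectID, len(rpID), rpID)
	return hex.EncodeToString(mac.Sum(nil))
}

// Correlatable is the check an RP pair could attempt: linking accounts by
// identifier equality. With directed identifiers it fails unless the Subject
// chooses to link the accounts, or an attribute (e-mail address, phone number)
// released to both RPs supplies the correlation handle instead (slide 16).
func Correlatable(idA, idB string) bool {
	return idA == idB
}

func main() {
	secret := []byte("constructed-demo-secret-do-not-reuse") // constructed
	subject := "alice@idp.example"                           // constructed
	insurer := DirectedIdentifier(secret, subject, "https://insurer.example")
	market := DirectedIdentifier(secret, subject, "https://supermarket.example")
	fmt.Println("insurer     sees", insurer)
	fmt.Println("supermarket sees", market)
	fmt.Println("correlatable by identifier:", Correlatable(insurer, market))
}
```

The last point on slide 16, that the credential manager can be subpoenaed, follows directly from this construction: the manager, holding the secret, is the one party that can map a directed identifier back to the Subject.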
• 17. Security and Availability Issues
  Security
    The credential store is a very high-value target
    Credentials can be distributed to diffuse attack
    High-level physical security is also required
  Availability
    Failure of an Identity Manager may have severe impact on its Subjects
    Solvable problem, but needs to be addressed
• 18. Attribute Management
• 19. Distributed Attributes
  Self-asserted attributes have limited utility
  Authoritative sources for different attributes come from different places
    FICO scores from a credit bureau
    Driving record from the state Motor Vehicle Department
    Proof of employment from the employer
  Identity system has a role in locating trustable sources of attributes
  Attributes delivered as signed assertions
• 20. Attribute Distribution: Example
  (Diagram) Parties: Wine Merchant (relying party), Identity Provider, and two attribute sources, Healthcare Provider and Motor Vehicle Department. The Wine Merchant sends the Identity Provider the request “Is subject 21?”; the Identity Provider sends the Subject an authorization request for release of that attribute.
• 21. Attribute Distribution: Example
  (Diagram) The Subject returns a release authorization; trust negotiation establishes that the Motor Vehicle Department is an acceptable source for this attribute.
• 22. Attribute Distribution: Example
  (Diagram) The Identity Provider forwards the request “Is subject 21?” to the Motor Vehicle Department.
• 23. Attribute Distribution: Example
  (Diagram) The Motor Vehicle Department answers “Subject is 21 or over” –DMV, a signed assertion that is returned to the Wine Merchant. Only the yes/no predicate that was asked is released, not the birth date or the driving record.
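Added example for slides 19 through 23 (Go; not from the original deck): the signed assertion the Motor Vehicle Department issues and the checks the Wine Merchant performs before acting on it. The message layout, the party names and the keys are constructed for this example, and Ed25519 stands in for whatever signature scheme a real deployment (SAML, JWT) would use; the checks themselves are the ones that matter: the issuer is on the RP's accreditation list (slide 24), the signature covers exactly the bytes received, the assertion names this RP as audience, it is within its validity window, and it has not been presented before.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Assertion is the minimal statement the attribute source signs. It answers
// the predicate that was asked ("is the subject 21?") without disclosing the
// birth date, names the RP it is for, and expires. Field layout is an
// assumption for this example, not a SAML or JWT profile.
type Assertion struct {
	Issuer    string          `json:"iss"`
	Subject   string          `json:"sub"` // the directed identifier this RP knows
	Audience  string          `json:"aud"`
	IssuedAt  int64           `json:"iat"`
	ExpiresAt int64           `json:"exp"`
	Nonce     string          `json:"nonce"` // echoed from the RP's request; blocks replay
	Claims    map[string]bool `json:"claims"`
}

// SignedAssertion carries the exact bytes that were signed; the verifier
// checks the signature over those bytes, never over a re-serialization.
type SignedAssertion struct {
	Payload   []byte
	Signature []byte
}

// Sign is the attribute provider's side (the DMV on slide 23).
func Sign(priv ed25519.PrivateKey, a Assertion) (SignedAssertion, error) {
	payload, err := json.Marshal(a)
	if err != nil {
		return SignedAssertion{}, err
	}
	return SignedAssertion{Payload: payload, Signature: ed25519.Sign(priv, payload)}, nil
}

// Verify is the Relying Party's side. trusted is its accreditation list: the
// issuers whose keys it accepts for this attribute. seen records nonces already
// consumed by this RP.
func Verify(trusted map[string]ed25519.PublicKey, sa SignedAssertion,
	audience string, now time.Time, seen map[string]bool) (Assertion, error) {
	var a Assertion
	if err := json.Unmarshal(sa.Payload, &a); err != nil {
		return a, err
	}
	pub, ok := trusted[a.Issuer]
	if !ok {
		return a, errors.New("issuer not on accreditation list: " + a.Issuer)
	}
	if !ed25519.Verify(pub, sa.Payload, sa.Signature) {
		return a, errors.New("signature does not verify")
	}
	if a.Audience != audience {
		return a, errors.New("assertion was issued for a different relying party")
	}
	if now.Unix() < a.IssuedAt || now.Unix() >= a.ExpiresAt {
		return a, errors.New("assertion expired or not yet valid")
	}
	if seen[a.Nonce] {
		return a, errors.New("assertion already presented (replay)")
	}
	seen[a.Nonce] = true
	return a, nil
}

func main() {
	dmvPub, dmvPriv, err := ed25519.GenerateKey(rand.Reader) // constructed key pair
	if err != nil {
		panic(err)
	}
	trusted := map[string]ed25519.PublicKey{"https://dmv.example": dmvPub} // constructed
	now := time.Now()
	a := Assertion{
		Issuer: "https://dmv.example", Subject: "directed-id-for-wine-merchant",
		Audience: "https://wine.example", IssuedAt: now.Unix(),
		ExpiresAt: now.Add(5 * time.Minute).Unix(), Nonce: "req-0001",
		Claims: map[string]bool{"age_over_21": true},
	}
	sa, err := Sign(dmvPriv, a)
	if err != nil {
		panic(err)
	}
	seen := map[string]bool{}
	got, err := Verify(trusted, sa, "https://wine.example", now, seen)
	fmt.Println("wine merchant accepts:", err == nil, "age_over_21 =", got.Claims["age_over_21"])
	_, err = Verify(trusted, sa, "https://wine.example", now, seen)
	fmt.Println("second presentation:", err)
	_, err = Verify(trusted, sa, "https://clinic.example", now, map[string]bool{})
	fmt.Println("presented to the healthcare provider:", err)
}
```

The audience and nonce checks are what keep the Identity Provider in the middle honest in the sense of slide 25: it routes the assertion but cannot redirect a DMV statement meant for the Wine Merchant to another relying party, nor replay it later, and the RP never has to trust the IdP's word for the attribute because it verifies the DMV's signature itself.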
• 24. Attribute Trust
  Federation: prearranged trust relationships
    Personnel security clearances among Federal agencies
    Business partners
  Accreditation: indirect federation
    Financial institutions, schools
    Scales much better than direct federation
• 25. Identity Provider Trust
  Identity Provider has a fiduciary responsibility
    To the Subject: must use credentials only for the proper Subject
    To Relying Parties: must associate attribute requests and responses reliably
  Identity Provider may coincidentally function as an Attribute Provider
    Functions should be considered separate to maintain privacy
• 26. Summary
• 27. Observations
  Scaling is critical
    Technical (protocol) aspects of scaling are a solved problem
    Scaling of trust relationships is the real limitation
  Chosen technologies need to consider a very wide range of use cases
  An ecosystem of identity and attribute providers is needed
    Need business models for these functions
    Public policy should encourage constructive behavior and help these entities manage liability exposure