Professional Documents
Culture Documents
ch
Trends 2010
Security Expert
15 years of experience in ICT Security
CEO and Founder of MARET Consulting
Expert @ Engineer School of Yverdon & Geneva University
Swiss French Area delegate at OpenID Switzerland
Co-founder Geneva Application Security Forum
Author of the Blog: la Citadelle Electronique
Chosen field
Digital Identity Security
Identification
Identification
Who are you?
Authentication
Prove it!
Strong authentication
technologies
Conseil en technologies
Which strong authentication technology?
Digital signature
Non repudiation
Corporations Public
eBanking
VPN
Web Applications
Mobility
Electronic Document Mgt Social networks
Facebook
Project PIV FIPS-201
SAML Virtual World
Adoption of OpenID
Biometry
and
Match on Card
Conseil en technologies
Which biometric technology for IT?
A reader
Biometry
SmartCard
Biometric strong
authentication
Reader of the «swipe» type
X509 machine certificate
Utilisation TPM
Authentication of the
machine
Applications
Pre Boot Authentication
Smart Card Logon
Full Disk Encryption
VPN (SSL, IPSEC)
Web Application
Citrix
www.maret-consulting.ch Conseil en technologies
U Cert
U_Cert
Population concerned
500 persons (Phase I)
In the long run: 3000 persons (Phase II)
www.maret-consulting.ch Conseil en technologies
BIA
Bank Acme SA
Electronic Documents
Mgt HIGH HIGH 30 min 1H 2H HIGH HIGH
Mandatory Desired
Issuer
App A cert
Link: cn
User
PHASE 1 PHASE 2
Strong authentication Authorization
Definition of roles
Tasks and responsibilities
Purpose: separation of duties
Four eyes
Technology explication
Match on Card
Finger position
Try (Play with Biometry)
Convergence
Physical security and logical security
By SONY
MARET Consulting
http://maret-consulting.ch/
La Citadelle Electronique (blog on digital identities)
http://www.citadelle-electronique.net/
Banking and finance article
Steal an identity? Impossible with biometry!
http://www.banque-finance.ch/numeros/88/59.pdf
Biometry and Mobility
http://www.banque-finance.ch/numeros/97/62.pdf
Publique presentations
OSSIR Paris 2009: Feedback on the deployment of biometry on a large scale
http://www.ossir.org/paris/supports/2009/2009-10-13/Sylvain_Maret_Biometrie.pdf
ISACA, Clusis: Access to information : Roles and responsibilities
http://blog.b3b.ch/wp-content/uploads/mise-en-oeuvre-de28099une-solution-biometrique-
de28099authentification-forte.pdf
Annexes
Conseil en technologies
Enter OTP
Technologies Explanations
Validation
Authority
OCSP request
Valide
Pas valide
Inconu
Approaches Examples