Published by Alivia Chivington
Modified about 1 year ago
User Security for e-Post Applications. Dr Chandana Gamage, University of Moratuwa
2 What is the process of securing a web application?
4 What is the most common method of end user security?
5 Password! (user name and password combination)
6 What is the weakest method for end user security?
8 Why do we keep using the weakest form of security as the most widely used form of security?
9 Many reasons …: Historical reasons; Ease of use reasons; Ease of deployment reasons
10 What are the alternatives for strengthening the security of end users?
11 Change from the paradigm of “something you know” to “something you have” or “something you are”
12 What is practical for end users of web applications?
13 Something you have? A physical token: Mag strip card; Smart card with chip
14 A physical token based end user security scheme could be impractical: At present, need specialized hardware. This could change in the future.
15 Something you are? A biometric: Fingerprint scan; Iris scan; Retina scan
16 A biometric based end user security scheme could be impractical: At present, need specialized hardware. This could change in the future.
17 What are the other alternatives?
18 Direct Two Factor Security Schemes
19 Combine “Something you know” with “Something you have”: ATM card with PIN
20 Combine “Something you know” with “Something you are”: Thumb print with Employee ID
21 The practical problems making direct two factor security schemes impractical still persist...
22 Are there any more alternatives?
23 Indirect Two Factor Security Schemes
24 The key idea is to use Two Channels of Communication
25 The First Channel: Web Application. Accessed through the computing device and Internet
26 The Second Channel: Indirect Communication. Email, SMS, Post
27 How does it work?
28 e-Post user enters the User ID. Receives a randomly generated number in a SMS
29 Prerequisites: Register the mobile phone number with e-Post Service. Can be done at the time of registering for service
30 e-Post user enters the User ID. Enters random number from a list of numbers received through Post
31 Prerequisites: Receive the list of numbers periodically. Users registered for services receive through post
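The service side of slides 28 to 31, as an added example that is not part of the original presentation: it issues a single-use number for SMS delivery or a batch for a posted list, then checks what the user types. The class name, the 6-digit length, the 300-second SMS lifetime and the 5-guess lockout are assumptions chosen for illustration, and actual SMS or postal delivery is left out.

```python
import hashlib, hmac, secrets, time

SMS_TTL = 300       # assumed: seconds an SMS number stays valid
MAX_ATTEMPTS = 5    # assumed: wrong guesses allowed before the user ID is locked

class OneTimeCodes:
    """Issues and checks the numbers delivered over the second channel."""
    def __init__(self, clock=time.time):
        self._key = secrets.token_bytes(32)  # HMAC key; only digests of numbers are kept
        self._pending = {}                   # user_id -> {digest: expiry time or None}
        self._failures = {}                  # user_id -> consecutive wrong guesses
        self._clock = clock

    def _digest(self, user_id, code):
        return hmac.new(self._key, f"{user_id}:{code}".encode(), hashlib.sha256).digest()

    def _new_code(self):
        return f"{secrets.randbelow(10**6):06d}"  # CSPRNG, not random.random()

    def issue_sms_code(self, user_id):
        """Slide 28: replace any outstanding number, return the one to send by SMS."""
        code = self._new_code()
        self._pending[user_id] = {self._digest(user_id, code): self._clock() + SMS_TTL}
        return code

    def issue_posted_list(self, user_id, count=10):
        """Slide 30: return distinct numbers to print and post; no expiry until reissued."""
        codes = set()
        while len(codes) < count:
            codes.add(self._new_code())
        self._pending[user_id] = {self._digest(user_id, c): None for c in codes}
        return sorted(codes)

    def verify(self, user_id, code):
        """Accept a number once; count wrong, replayed and expired numbers as failures."""
        if self._failures.get(user_id, 0) >= MAX_ATTEMPTS:
            return False                     # locked; unlocking is handled out of band
        pending = self._pending.get(user_id, {})
        digest = self._digest(user_id, code)
        match = next((d for d in pending if hmac.compare_digest(d, digest)), None)
        expired = match is not None and pending[match] is not None and self._clock() > pending[match]
        if match is None or expired:
            self._failures[user_id] = self._failures.get(user_id, 0) + 1
            return False
        del pending[match]                   # single use: a replayed number fails
        self._failures[user_id] = 0
        return True
```

Requesting a new number does not reset the failure counter, so repeated requests cannot be used to obtain unlimited guesses.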
32 Important Lesson #1: No secret password that a user needs to remember
33 Important Lesson #2: No special hardware or software required
34 Important Lesson #3: Must be usable Anytime, Anywhere
35 Important Lesson #4: No single solution fits all users!
36 Important Lesson #5: Must be intuitive to use. No learning curve. No training
37 Important Lesson #6: Must be difficult for users to make mistakes
38 Important Lesson #7: Must be secure against hacking. No stored secrets to steal!
39 Important Lesson #8: Must be secure against phishing. No easy way to trick the user!
40 Important Lesson #9: Must be fast. No complicated processing at the user (front end) or at the service (back end)
41 Important Lesson #10, Important Lesson #11, Important Lesson #12...
42 Thank You firstname.lastname@example.org