SPD1 Improving Security and Access to Network with Smart Badge Eril Pasaribu CISA,CISSP Security Consultant.

Presentation transcript:

SPD1 Improving Security and Access to Network with Smart Badge Eril Pasaribu CISA,CISSP Security Consultant

SPD2 AGENDA Background Core Technologies Schlumberger Solutions Questions & Answers

SPD3 Market facts (CSI/FBI)

SPD4 How Does One Authenticate? One Factor - What you know – Password Two Factors - What you have – Smart card Three Factors - What you are – Biometric => Balance between convenience, privacy, and security

SPD5 A Corporate Smart Badge? Passwords are expensive and provide poor security Many different standards increase management complexity and help desk support Increasing network fraud, poor security around transactions and messaging Hard drive based security can be improved =>One single ID card for both secure physical and logical access

SPD6 Smart Cards for Corporate Login Million Units Dataquest/Card Technology 5/01 By YE ‘04 33% of W2K/XP users will login via smart card (Gartner Group)

SPD7 CORE TECHNOLOGIES Public Key Infrastructure Smart Cards Proximity Cards

SPD8 PKI Symmetric Model

SPD9 PKI Asymmetric Model

SPD10 PKI Public Key Cryptography Fundamentals Two keys, one you keep secret (private) and one you let everyone else know (public) Important property: –If data is encrypted with a public key, the only way to decrypt is by having the private key –If data is encrypted with a private key, the only way to decrypt is by having the public key Combined with secret key algorithms provides: authentication, bulk encryption, and integrity

SPD11 Digital Certificates Public Keys are distributed in the form of Certificates. –Binding between “identity” and a public key –Digital equivalent of employee badge, driver's license – universal –Issued by Certificate Authorities (CAs) to clients, servers, objects –Trust and accreditation of CA is a major component of Public Key Infrastructure: to what extent can you be sure a certificate truly binds a public key to an entity A Digital Certificate contains the sender’s public key, and also the trusted authority’s digital signature.

SPD12 What’s in a Digital Certificate? Defined by ITU standard X.509 –supported by Netscape, iPlanet, Entrust, MS IE, MS IIS, Lotus Domino 5, … Certificates typically contain: –Name of owner and their public key –Name and signature of Certificate Authority –Expiration date, serial number –Algorithms used for encryption & signing X.509 v3 permits arbitrary attribute-value pairs (e.g. credit card #, access control information, certificate policies…)
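
An added example (not part of the original slides) tying together SPD10 to SPD12: a toy CA signs the fields SPD12 lists with its private key, and a relying party checks issuer, signature and expiry using only the CA's public key. Assumptions for illustration only: textbook RSA with fixed primes and no padding, JSON instead of X.509 encoding, and the names `Example CA`, `alice` and `mallory`.

```python
import hashlib, json
from datetime import date

# Toy CA key: textbook RSA with fixed primes and no padding (illustration only).
P, Q = 2**61 - 1, 2**89 - 1               # two known Mersenne primes
CA_N, CA_E = P * Q, 65537                 # CA public key, known to everyone
CA_D = pow(CA_E, -1, (P - 1) * (Q - 1))   # CA private key, never leaves the CA
SIGNED_FIELDS = ("owner", "public_key", "issuer", "serial", "not_after")

def digest(cert):
    """SHA-256 over the signed fields, reduced so it fits the toy modulus."""
    tbs = json.dumps([cert[f] for f in SIGNED_FIELDS]).encode()
    return int.from_bytes(hashlib.sha256(tbs).digest(), "big") % CA_N

def issue(owner, public_key, serial, not_after, issuer="Example CA"):
    """CA side: bind an identity to a public key by signing with the private key."""
    cert = {"owner": owner, "public_key": list(public_key), "issuer": issuer,
            "serial": serial, "not_after": not_after}
    cert["signature"] = pow(digest(cert), CA_D, CA_N)
    return cert

def verify(cert, today, trusted=("Example CA", CA_N, CA_E)):
    """Relying party: needs only the trusted CA's name and public key."""
    name, n, e = trusted
    if cert["issuer"] != name:
        return "untrusted issuer"
    if pow(cert["signature"], e, n) != digest(cert):
        return "bad signature"      # any signed field was altered after issuance
    if date.fromisoformat(today) > date.fromisoformat(cert["not_after"]):
        return "expired"
    return "ok"

# Constructed sample: a badge holder's (toy) public key certified by the CA.
badge = issue("alice", (3233, 17), serial=1001, not_after="2030-12-31")

if __name__ == "__main__":
    print(verify(badge, "2025-06-01"))                         # valid binding
    print(verify(dict(badge, owner="mallory"), "2025-06-01"))  # identity swapped
    print(verify(badge, "2031-01-01"))                         # past expiration
```

Changing the owner or the public key after issuance breaks the signature check, which is the "binding" SPD11 describes; how far the result can be trusted still depends on how the CA vetted the identity before signing.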

SPD13 Smart Card Overview Total sales of 1.5B units in 2000 –GSM requires smart card (SIM) –Credit cards, AMEX blue, DoD. Already a proven, secure technology Almost unanimous agreement among analysts and experts that smart cards are an ideal token for storage of important digital credentials, such as private keys, biometrics, etc.

SPD14 Reflex 72 Reflex 20 CARD READERS Middleware CRYPTO CARD Cryptoflex 4K, 8K, 16K JAVA CRYPTO CARDS Cyberflex Palmera Protect 16K, 32K Cyberflex Access II 16K, 32K SLB Smart Card Products

SPD15 e-Gate: the next generation e-Business Smart Card: Access e-Gate –32K Access II card with embedded USB driver. –Simple, inexpensive reader plugs directly into USB port –e-Gate Card+Reader vs. ISO Card+Reader: 30% less –Electron d’or award, 2000

SPD16 Smart Card Kits

SPD17 Proximity Cards HID Proximity Card –125 kHz proximity antenna and chip –Popular in the US –Personalize by HID MIFARE Contactless Smart Card –13.56 MHz contactless antenna –Popular outside of the US –Personalize by our CIS

SPD18 Schlumberger Smart Badge Integration Network access Secure log in Digital signatures Web authentication Password storage Public key infrastructure Payment loyalty programs Physical access Corporate identity E-commerce entitlement control authentication authorization accounting

SPD19 Single Sign-On (SSO) Enable authentication to be managed consistently across the enterprise Allow a user to log in just once Transparent access to a variety of permitted information systems Integration of stronger authentication services to support SSO using the Corporate Badge

SPD20 Smart Login Smart Card based password store for Windows, enabling reduced Sign On. Support IE, Netscape, and any Windows Login dialog. Windows 2000/NT/9x. Automatic Login.

SPD21 Demo Demonstrate Smart Card Login on Windows 2000 And secure screen lock

SPD22 Demo 1-2 After Windows boot, SLB GINA dialog is displayed On card insertion, user is prompted for PIN verification If successful, access is granted to desktop and related networks

SPD23 Demo 2-2 On card removal (typically when the user walks away from his computer), the computer locks itself automatically It is unlocked using the same process as initial logon (PIN verification)

SPD24 SC & Reader Card Software Directory CA Policy Server CMS Physical Access Technical Consulting Custom Applications E-Commerce VPN Loyalty Design & Integration Project Management Deployment Training 24x7 Help Desk Schlumberger’s total solution

SPD25 Smart Badge Movie

SPD26 Q & As Questions and Answers