Single sign-on Secure password store Mats Byfuglien.

Slides:

Advertisements

Similar presentations

Single Sign-On (SSO) Single Sign-On (SSO) Strong Authentication.

Advertisements

Operating System Structures

A mobile single sign-on system Master thesis 2006 Mats Byfuglien.

Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.

Gridification Task Development Plan for Release 1.1 – 2.0 For Gridification: David Groep

January 6. January 7 January 8 January 9 January 10.

Impact of the Recent UC Denver Remote Computing Audit May, 2010.

SINGLE SIGN-ON. Definition - SSO Single sign-on (SSO) is a session/user authentication process that permits a user to enter one name and password in order.

1 Miami-Dade County Public Schools. 2 From the Data Center to the Cloud: Manny Castañeda Miami-Dade County Public Schools.

Migrating to Google Apps for Student Kevin Macnaughton, Team Lead, IT Services April 28, 2014.

Tunis, Tunisia, 28 April 2014 Business Values of Virtualization Mounir Ferjani, Senior Product Manager, Huawei Technologies 2.

Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility. Simplify authentication.

Storage of sensitive data in a Java enabled cell phone MSc Thesis Tommy Egeberg June 2006.

Mobile Single Sign On System Souheil Lazghab. The security protocol should secure: First, the Bluetooth communication between the PICDEM FS USB Demo board.

CS795/895.NET Passport1. NET PASSPORT &TRUSTBRIDGE SHRIPAD PATIL CS795/895 SECURITY IN DISTRIBUTED SYSTEMS.

Empower Enterprise Mobility. of employees use personal devices for work purposes.* of employees that typically work on employer premises, also frequently.

魂▪創▪通魂▪創▪通 Digital Certificate and Beyond Sangrae Cho Authentication Research Team.

Certificate and Key Storage Tokens and Software

LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.

Mobile Based Security System Group 11 Awantha S.A.T. Darshana S.A.T. Kumara M.D.B.J.B. Sandakalum H.K.L.S.

Hands-On Microsoft Windows Server Security Enhancements in Windows Server 2008 Windows Server 2008 was created to emphasize security –Reduced attack.

SSD: Cryptography. Learning Outcomes After the scenario has been completed, you are expected to be able to: Explain the relative strengths of encryption.

Prepared by They Yu Shu Lee Ern Yu.  Motivation  Previous Work  Remaining Issues  Improvement.

Little Brother Surveillance Nathaniel Brown and Chris Mordue.

1 Chapter Overview Configuring Account Policies Configuring User Rights Configuring Security Options Configuring Internet Options.

OBJECT ORIENTED SYSTEM ANALYSIS AND DESIGN. COURSE OUTLINE The world of the Information Systems Analyst Approaches to System Development The Analyst as.

Three Basic Identification Methods of password Possession (“something I have”) Possession (“something I have”) Keys Passport Smart Card Knowledge (“Something.

Windows XP Professional Features ©Richard L. Goldman February 5, 2003.

Programming Handheld and Mobile devices 1 Programming of Handheld and Mobile Devices Lecture 23 Summing up Rob Pooley

Windows XP Professional Features ©Richard L. Goldman February 5, 2003.

Dartmouth PKI Update Robert Brentrup Internet2 Member Meeting April 21, 2004.

IT Internal Audit “Hot Topics” April 2011 Agenda Survey Overview Survey Results IT Internal Audit Hot Topics Overview – Social Media and Social Networking.

Presented by: Reem Alshahrani. Outlines What is Virtualization Virtual environment components Advantages Security Challenges in virtualized environments.

Mobile Communication Middleware By:Lekometsa Mokhesi Anisa Ragalo Supervisor: Ken Macgregor.

KSA by the Numbers Data extracts represented as charts with references. The slides are organized by source and time. Last updated 14 April 2013.

WebNetwork 6.2 Unified Private Cloud Platform. Originally incorporated in Indiana in ,000+ customers and over 7.5 million users worldwide First.

Review Of Single Sign On Systems Mansee A. Mongia 05 th March,2008.

Existing Alternative for Pushing Content to Mobile Devices – an Analysis and an Implementation Diplomityöseminaari Marcus Mattila 49836w.

Module 3: Planning Administrative Access. Overview Determining the Appropriate Administrative Model Designing Administrative Group Strategies Planning.

Mobilizing our Sales Force via Paperless In-Store Selling.

SunSatFriThursWedTuesMon January

Progress presentation

Implementation and provisioning of mobile extensions for telephonic calls Ioannis Metaxas.

Configuring, Managing and Maintaining Windows Server® 2008 Servers Course 6419A.

Carrying Your Vital Signs With You Jonathan Otero Suárez Metropolitan University, San Juan, Puerto Rico NSF REU: “Creating Computer Applications for Medicine”

Introduction to Networking. What is a Network? Discuss in groups.

Active Directory Domain Services (AD DS). Identity and Access (IDA) – An IDA infrastructure should: Store information about users, groups, computers and.

General Overview of Various SSO Systems: Active Directory, Google & Facebook Antti Pyykkö Mikko Malinen Oskari Miettinen.

Office of Information Technology GT Identity and Access Management JA-SIG CAS project (introducing login.gatech.edu) April 29th,

Shared Multimedia Network for Picture Frames. Members Bob Carroll Network Domain Expert IP Development Nick Gorevski Webmaster Bluetooth Development Ngai.

Module 5: Designing Physical Security for Network Resources

ITwin iTwin Presented by: G.Vyshnavi 14A81A0572 CSE-B.

Understanding The Computer Login Account

Blind Aid Developments Using Design and Engineering Approach

Set up your own Cloud The search for a secure and acceptable means of gaining access to your files stored at the office from a remote location.

MULE Final Presentation

for Display Antique and Art Object Information

The protection of the computing device has become the primary focus of the users. With the advancement in technology computer and its threats are also.

Cryptocurrency Mobile Wallet Development Company

Network Types & Speed Learning Objectives:

A mobile single sign-on system

Internet-based monitoring and control of embedded systems

Engineering Innovation

The main cause for that are the famous phishing attacks, in which the attacker directs users to a fake web page identical to another one and steals the.

Single Sign On Glen Dorton 1/18/2019.

ADUG 21-Oct 2013 Grahame Grieve

IT Office hours – 1 Data Sharing 101

The Problem Microsoft Active Directory (AD) is used by almost every big company Microsoft AD uses Kerberos Authentication Android are forcing customers.

Presentation transcript:

Single sign-on Secure password store Mats Byfuglien

The task Create a mobile solution for automated SSO  Mobile with Java MIDlet  USB device with Bluetooth support configured as an external keyboard Security analysis Usability analysis

Research questions 1. Does other alternative SSO solutions exist, if so - how are their security and usability? 2. How will different storage methods affect functionality and security of the solution? 3. What methods exist for transferring passwords securely between the mobile deviceand the computer, and how secure are they? 4. How secure is the prototype developed in this thesis? 5. How user friendly is the prototype developed in this thesis?

State of the art – SSO solutions Personal SSO solutions  Virtual Safe  Auto complete logon forms Web-based SSO solutions  Microsoft Passport Mobile SSO solution  No support for automated logons Business solutions  Kerberos  Expensive, complex to configure

Methods Literature study  Other SSO solutions Evaluate each system on security and usability  Crypto Algorithms Performance API’s available  Protocol analysis Possible attacks Implementing the prototype Security and usability analysis  Test group  Survey  Interview Compare prototype with SSO solutions from literature study

Plan of progress Literature study  Beg. January – beg. February Planning and designing the solution  Beg February – mid. February Implementation and testing  Mid February – beg April Security and usability analysis  Mid April – beg. May Write report  Beg. May – end June

Risk analysis