VETUMA, the web portal for strong authentication Tietotekniikkaosasto Ismo Aulaskari 2.9.2008.

Slides:

Advertisements

Similar presentations

1 Copyright © 2002 Pearson Education, Inc.. 2 Chapter 1 Introduction to Perl and CGI.

Advertisements

Federated Access implementation: experience of AUCA Library - Kyrgyzstan 4 th -7 th June, 2008, Aberdeen, Scotland Sania Battalova, EIFL Country and FOSS.

A Reliable and Secure Network TM105: ESTABLISHING SANE TECHNOLOGY POLICIES FOR YOUR PROGRAM.

Taxpayers registration and e-services provided by the Estonian Tax and Customs Board Karin Aleksandrov Chief Expert Service Management Department.

Omni eControl. New Features in Version 2.x - Manage Mixed Networks: eDirectory, Active Directory, GroupWise, Exchange eControl Version 2.0 New Features.

Michal Bodlák. Referred to as mobile money, mobile money transfer, and mobile wallet generally refer to payment services operated under financial regulation.

Why Web services should care about grid security Taavi Hupponen, CSC.

Policing the Power of Identity Controls Power Behavior Verify that controls are in place and functioning Monitor user behavior and verify that people.

Additions / Amendments 1.My Account 1.Register 2.Login 3.Log out 4.Recover password 2.My Location 1.Select town e.g Lymington 2.Home page now deliver.

Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Federated Identity, Levels of Assurance, and the InCommon Silver Certification Jim Green Identity Management Academic Technology Services © Michigan State.

FIT3105 Smart card based authentication and identity management Lecture 4.

Moving Your Paperwork Online Western Washington University E-Sign Web Forms Copyright Western Washington University, This work is the intellectual.

Federated Shibboleth, OpenID, oAuth, and Multifactor | 1 Federated Shibboleth, OpenID, oAuth, and Multifactor Russell Beall Senior Programmer/Analyst University.

Online and Mobile Banking. Online banking Online Banking  Online banking is a fairly established practice in our internet-saturated world.  Many people.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Get Started With Marketing!. Marketing on Your Mind?  This presentation will include: Info for New and Experienced Users Ideas for marketing to Students.

Empowering Business Dhan (Co-Founder)

CS240 Computer Science II Introduction to Unix Based on “UNIX for Programmers and Users” by G.Class and K. Ables.

Microsoft Active Directory(AD) A presentation by Robert, Jasmine, Val and Scott IMT546 December 11, 2004.

Lecture 23 Internet Authentication Applications modified from slides of Lawrie Brown.

Payment Gateways for e-Government services 24 May 2007

Current State Of NetID By Jonathan Higgins Presentation Template available from Microsoft A low cost Identity Management Implementation Guide.

Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

GatorLink Password Management Policy March 31, 2004.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 22 – Internet Authentication.

Integrating NAV 2013R2 and Office 365 Office 365 Single Sign-on NAV as an app NAV online document store.

HAKA project HAKA User administration inside Finnish Higher Education Institutes results from the KATO project Barbro Sjöblom EDS 2003 Uppsala.

Building Secure, Flexible and Scalable Environments using LDAP - SANS Orlando Sacha Faust PricewaterhouseCoopers

Identity management, authentication and registration at the University of Helsinki Tietotekniikkaosasto Ismo Aulaskari

authenticated networked guided environment for learning - secure integration of learning environments with digital libraries - Current.

With Jim Mollé Learn iT! Computer Software Training.

Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.

Federations round table Haka federation of Finland EuroCAMP Mikael Linden CSC, the Finnish IT Center for Science.

Tara Backes – Project Manager Troy Wilson – Chief Technology Officer Susan Pommier – Project Executive.

Core 3: Communication Systems. Network software includes the Network Operating Software (NOS) and also network based applications such as those running.

Moving Your Paperwork Online Western Washington University E-Sign Web Forms.

What’s a mobile app? A mobile app is a software program you can download and access directly using your phone or another mobile device, like a tablet.

Identity Management and Enterprise Single Sign-On (ESSO)

© Copyright 2009 SSLPost 01. © Copyright 2009 SSLPost 02 a recipient is sent an encrypted that contains data specific to that recipient the data.

Online Banking. Learning Objectives To learn how society has been affected by online banking.

SY0-401 COMPTIA Security+ Certification Exam Vcepracticetest.com.

Check By Phone Software - A Tool To Accept Checks Payments in Seconds Submitted By :

Applications Software. Is a software used to carry out a particular task e.g. a game or word processor.

CompTIA Security+ Certification Exam SY

Digital Certificates Presented by: Matt Weaver. What is a digital certificate? Trusted ID cards in electronic format that bind to a public key; ex. Drivers.

Munix Bus WiFi Authentication, Log Management, Internet Security, Content Filter & VPN Service Internet Gateway & Business Intelligence

Identity and Access Management

Using Your Own Authentication System with ArcGIS Online

Understanding The Computer Login Account

Extending Authentication to Members of Social Networks

Microsoft Virtual Academy

Appendix A: Guide to Using Microsoft Project 2002

Unit 7 NT1330 Client-Server Networking II Date: 7/26/2016

ESA Single Sign On (SSO) and Federated Identity Management

Office 365 Identity Management

Digital $$ Quiz Test your knowledge.

Management of users at UNIL

The main cause for that are the famous phishing attacks, in which the attacker directs users to a fake web page identical to another one and steals the.

Architecture Competency Group

Miami-Dade County Public Schools

Authentication & the Web

Microsoft Virtual Academy

Appendix A: Guide to Using Microsoft Project 2002

Quick Troubleshoots Outlook Problem

Microsoft Virtual Academy

Presentation transcript:

VETUMA, the web portal for strong authentication Tietotekniikkaosasto Ismo Aulaskari

VETUMA Government-funded web-authentication portal Provides one (documented, open) interface for multiple strong authentication services, including Bank authentication (most popular)‏ Certificate card authentication (government FINEID for the public)‏ Mobile phone authentication (several methods, including FINEID)‏ User authentication, digital signatures, money transfers(with bank authentication)

Getting it So far, the government has paid for about half of the expenses for user organisations The government has also licenced the “offical” Vetuma client software(Java) for free to government use University of Helsinki develops its own free software implementation of the Vetuma client (in Perl)‏ First version was made as a pilot project for the CSC

Use cases for strong authentication by VETUMA Password resetting service Registering new users online Creating one-time password lists Technically also possible to combine with a public IDP for a Shibboleth federation Too expensive for daily tasks such as authenticating workstations etc.

Password resetting service Password resetting for multiple user account types Edirectory, Active Directory, Unix Two different interfaces LDAP homegrown web service

User account creation Web forms where the strongly authenticated user is guided through the user account creation process So far, at least 75% of new students have succeeded in using the service Some of the rest however, among other things tried to use borrowed bank account codes to authenticate themselves.. Also, students seem reluctant to read all the text they should when given a user account for a university network

Other things to notice As the authentications cost money to the university, access to the service must be limited to a reasonable number of attempts (by social security code and ip-address)‏ Making the directions for the service is a lot of work, especially in 3 different languages It would be possible for HU to compete with the Vetuma service by implementing the multiple interfaces directly

What?