Strong Authentication Infrastructure Requirement: Trusted Input Devices National ID Workshop Carnegie Mellon University November 28, 2001 Lark M. Allen.

Slides:

Advertisements

Similar presentations

Achieving online trust through Mutual Authentication.

Advertisements

Smart Cards Our Inevitable Future Mark Shippy. What are smart cards? Credit card sized plastic card with an embedded chip. Credit card sized plastic card.

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.

POC Security System High security system combining PIN-on-Card, information security, physical access, control and alarm – all in one system.

SPD1 Improving Security and Access to Network with Smart Badge Eril Pasaribu CISA,CISSP Security Consultant.

Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software.

1 GP Confidential © GlobalPlatform’s Value Proposition for Mobile Point of Sale (mPOS)

Secure Communication Architectures.

Chapter 5 Input and Output. What Is Input? What is input? p. 166 Fig. 5-1 Next  Input device is any hardware component used to enter data or instructions.

Cryptography on TFT displays Cryptography on TFT displays Pablo Sánchez Pedrosa.

Presented by : ARJUN.B.M USN: 1RL05CS007 Dept Of CSE RLJIT, Dodballapur Under the guidance of : Basavaraj.S.Pol Asst. Prof Dept of CSE, RLJIT.

Increased Security, while protecting Privacy ? True or False ? Christer Bergman, President and CEO, Precise Biometrics.

Mobile Credentials Ennio J. Carboni Product Manager, Keon PKI

Submitted by: Rahul Rastogi, CS Department.  Introduction  What is a smart card?  Better than magnetic stripe card.  Technology What’s in a card?

User Managed Privacy Using Distributed Trust Privacy and Security Research Workshop Carnegie Mellon University May 29-30, 2002 Lark M. Allen / Wave Systems.

Trusted Computing Initiative Beyond trustworthy. Trusted Computing  Five Key Concepts >Endorsement Key >Secure Input and Output >Memory Curtain / Protected.

FIT3105 Smart card based authentication and identity management Lecture 4.

Polytechnic University of Tirana Faculty of Information Technology Computer Engineering Department Identification of on-line users and Digital Signature.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.

Hardware and Multimedia Chapter 4. 4 Personal Computers (PCs) PCs are computers that can be: Used by individuals at home, work, or school Desktop models.

Chapter 4 Section 3.

Smart Card Deployment David Gautrey IT Manager – Microsoft New Zealaand Microsoft Corporation.

Certificate and Key Storage Tokens and Software

Alternative Input Devices. Digital Camcorder View recordings on a regular TV or copy them to VHS tape Send MPEG video clips by way of to a mobile.

Mobile Identity and Mobile Authentication (mobile e-signature) Valdis Janovs Sales Director Lattelecom Technology SIA.

By: Piyumi Peiris 11 EDO. Swipe cards are a common type of security device used by many people. They are usually a business-card-sized plastic card with.

Vilnius, October 21st, 2002 © eEurope SmartCards Securing a Telework Infrastructure: Smart.IS - Objectives and Deliverables Dr. Lutz Martiny Co-Chairman,

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.

Smart Cards By Simon Siu and Russell Doyle Overview Size of a credit card Small embedded computer chip – Memory cards – Processor cards – Electronic.

Information Assurance... Smart Card Interoperability Steve Haynes Phone

Data Confidentiality. Learning Objectives: By the end of this topic you should be able to: discuss the need to keep data confidential explain how data.

Securing Applications With Firmware (Going Beyond TCPA Platform Security) Dr. Robert W. Baldwin Chief Scientist.

Smart Card Application. Smart-card is a plastic card, the size of a standard credit card, with one or several integrated circuits (chips) capable to store.

Trusted Computing BY: Sam Ranjbari Billy J. Garcia.

Copyright © Wondershare Software Java Ring By D.Pradeep kumar(07241A0587) CSE Gokaraju Rangaraju institute of Engineering and Technology.

Center of Excellence for IT at Bellevue College. Cyber security and information assurance refer to measures for protecting computer systems, networks,

Looking beyond the obvious!! HOW SECURE IS BANKS’ CORE DATA? Prashant Pande Head Professional Services IDBI Intech Ltd.

Smart Card Technology & Features

Digital Rights Management and Watermarking of Multimedia Content for M-Commerce Applications Frank Hartung and Friedhelm Ramme, Ericsson Research, IEEE.

1 7 th CACR Information Workshop Vulnerabilities of Multi- Application Systems April 25, 2001 MAXIMUS.

2014 Asia-Pacific Financial Forum Seattle, Washington July 7, 2014 Electronic Payments: Expanding Financial Access for Consumers and Businesses of Every.

Trust Infrastructures for Multi-Party Transactions Wave Systems Corp Len Veil.

28 th International Traffic Records Forum Biometrics/SmartCard Workshop 28 th International Traffic Records Forum August 4, 2002 Orlando, Florida.

ID anywhere mobile | smart cards | devices.

Traditional Security Issues Confidentiality –Prevent unauthorized access or reading of information Integrity –Insure that writing or operations are allowed.

1 UNIT 19 Data Security 2. Introduction 2 AGENDA Hardware and Software protect ion Network protect ion Some authentication technologies :smart card Storage.

1 UNIT 19 Data Security 2 Lecturer: Ghadah Aldehim.

Input/Output/Storage. Input Devices Computers need to capture information. This can be done using an Input device.

Computer Parts There are many parts that work together to make a computer work.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

COEN 351 Authentication. Authentication is based on What you know Passwords, Pins, Answers to questions, … What you have (Physical) keys, tokens, smart-card.

Chris Calderon – February 2016 MIS 534 Information Security Management.

 Kim  Allen  Kenneth. Chapter 1 Computer Fundamentals.

LEARNING AREA 1 : INFORMATION AND COMMUNICATION TECHNOLOGY PRIVACY AUTHENTICATION VERIFICATION.

History of Windows Operating System. Windows 1.0 Debuted in 1985 First version of Windows that was set up to use bitmap displays and mouse pointing devices.

1 1 Social Security Platform James Wu We Simplify Security.

Trusted Computing Security for the Digital World Industry Leader in Trusted Systems and Services Lark M. Allen Wave Systems Corp.

A l a d d I n. c o m Strong Authentication and Beyond Budai László, IT Biztonságtechnikai tanácsadó.

iPhones and iPads and iTunes, Oh My!

AGENDA Introduction Kind of information smart card contain

Authentication.

Hardware Cryptographic Coprocessor

UNIT 19 Data Security 2.

Security Barriers Asset Proper Access Attack Security System

مقدمة في الحاسب الآلي T. Arwa Alsarami.

COEN 351 Authentication.

Presentation transcript:

Strong Authentication Infrastructure Requirement: Trusted Input Devices National ID Workshop Carnegie Mellon University November 28, 2001 Lark M. Allen / Wave Systems

The Problem  Personal Computers are untrusted devices  Input, processing, and output cannot be protected or hidden from interception, observation, and hacking Therefore: Authentication processing in PCs cannot be trusted, regardless of the identity tokens utilized 11/27/012

The Problem 11/27/013 Hi, I’m Bill Gates, Would you please give me access to my bank account ? Password / PIN (PC) Sure, Trust Me! SMART

EU Is Addressing the Problem  France: 1999 Cyber-Comm specification for trusted smart card readers for consumer usage  Banks, Credit Card and Smart Card Companies  Authentication of smart card and keypad input performed in reader  Secure output – LCD display on reader  EU: July, 2001 FinRead specification for trusted reader devices  Banks, Governments, Technology Companies  Programmable, multi-application/services platform through Java applets  Global Trust Authority as source of trust for system  Integrated services business model for deployment 11/27/014

EMBASSY Trusted Client Systems Processor Memory Interfaces /Storage Clock Crypto Music DRM Digital Signature Video PPV Trust Assurance Network Digital Signature Digital Signature Music DRM Music DRM Hard Disk Digital Signature Video PPV Video PPV Application EMBASSY CHIP/ Trusted OS Music DRM ‘Sovereign and Protected Place in a Hostile Territory’

Strategic: Independent Trust Domains EMBASSY Device Trust Domain Shared, Multi-Party Trusted Devices SERVICE C Trust Domain Applet C Applet B SERVICE B Trust Domain SERVICE A Trust Domain Applet A

Strong Authentication Content Protection Services Delivery E-Commerce Privacy Protection Platform Security Secure Peer-Peer Conditional Access Distributed Transactions Secure Applets Trusted Operating System EMBASSY Trusted Client Chip Trust Assurance Network Developer Kits EMBASSY Trusted Client Applications

EMBASSY-enabled Devices PC USB secure input devices Interfaces to support multiple inputs: Key matrix Smart cards LCD - output Biometrics GPS Mag stripe Serial devices Keyboards (Samsung, PC OEMs) Smart Card Readers (SSP/Litronics, SCM, Securelink/CPS) PC/SC and EMV-Compliant New platform for services and security applications to PCs