Presentation is loading. Please wait.

Presentation is loading. Please wait.

SPD1 Improving Security and Access to Network with Smart Badge Eril Pasaribu CISA,CISSP Security Consultant.

Published byNelson Maxwell Modified over 8 years ago

Similar presentations

Presentation on theme: "SPD1 Improving Security and Access to Network with Smart Badge Eril Pasaribu CISA,CISSP Security Consultant."— Presentation transcript:

1 SPD1 Improving Security and Access to Network with Smart Badge Eril Pasaribu CISA,CISSP Security Consultant

2 SPD2 AGENDA Background Core Technologies Schlumberger Solutions Questions & Answers

3 SPD3 Market facts (CSI/FBI)

4 SPD4 How Does One Authenticate? One Factor - What you know – Password Two Factors - What you have – Smart card Three Factors - What you are – Biometric => Balance between convenience, privacy, and security

5 SPD5 A Corporate Smart Badge? Passwords are expensive and provide poor security Many different standards increase management complexity and help desk support Increasing network fraud, poor security around transactions and messaging Hard drive based security can be improved =>One single ID card for both secure physical and logical access

6 SPD6 Smart Cards for Corporate Login Million Units Dataquest/Card Technology 5/01 By YE ‘04 33% of W2K/XP users will login via smart card ( Gartner Group)

7 SPD7 CORE TECHNOLOGIES Public Key Infrastructure Smart Cards Proximity Cards

8 SPD8 PKI Symmetric Model

9 SPD9 PKI Asymmetric Model

10 SPD10 PKI Public Key Cryptography Fundamentals Two keys, one you keep secret (private) and one you let everyone else know (public) Important property: –If data is encrypted with a public key, the only way to decrypt is by having the private key –If data is encrypted with a private key, the only way to decrypt is by having the public key Combined with secret key algorithms provides: authentication, bulk encryption, and integrity

11 SPD11 Digital Certificates Public Keys are distributed in the form of Certificates. –Binding between “identity” and a public key –Digital equivalent of employee badge, drivers license – universal –Issued by Certificate Authorities (CAs) to clients, servers, objects –Trust and accreditation of CA is a major component of Public Key Infrastructure: to what extent can you be sure a certificate truly binds a public key to an entity A Digital Certificate contains the sender’s public key, and also the trusted authority’s digital signature.

12 SPD12 What’s in a Digital Certificate? Defined by ITU standard X.509 –supported by Netscape,iPlanet, Entrust, MS IE, MS IIS, Lotus Domino 5, … Certificate typically contain: –Name of owner and their public key –Name and signature of Certificate Authority –Expiration date, serial number –Algorithms used for encryption & signing X.509 v3 permits arbitrary attribute-value pairs (e.g. credit card #, access control information, certificate policies….)

13 SPD13 Smart Card Overview Total sales of 1.5B units in 2000 –GSM requires smart card (SIM) –Credit cards, AMEX blue, DoD. Already a proven, secure technology Almost unanimous agreement among analysts and experts that smart cards are an ideal token for storage of important digital credentials, such as private keys, biometrics, etc.

14 SPD14 Reflex 72Reflex 20 CARD READERS Middleware CRYPTO CARD Cryptoflex 4K, 8K, 16K JAVA CRYPTO CARDS Cyberflex Palmera Protect 16K, 32K Cyberflex Access II 16K, 32K SLB Smart Card Products

15 SPD15 e-Gate: the next generation e-Business Smart Card: Access e-Gate –32K Access II card with embedded USB driver. –Simple, inexpensive reader plugs directly into USB port –e-Gate Card+Reader vs. ISO Card+Reader: 30% less –Electron d’or award, 2000

16 SPD16 Smart Card Kits

17 SPD17 Proximity Cards HID Proximity Card –125 kHz proximity antenna and chip –Popular in the US –Personalize by HID MIFARE Contactless Smart Card –13.56 MHz contactless antenna –Popular outside of the US –Personalize by our CIS

18 SPD18 Schlumberger Smart Badge Integration Network access Secure log in Digital signatures Web authentication Password storage Public key infrastructure Payment loyalty programs Physica l access Corporate identity E-commerce entitlement control authentication authorization accounting

19 SPD19 Single Sign-On (SSO) Enable authentication to be managed consistently across the enterprise Allow a user to log in just once Transparent access to a variety of permitted information systems Integration of stronger authentication services to support SSO using the Corporate Badge

20 SPD20 Smart Login Smart Card based password store for Windows, enabling reduced Sign On. Support IE, Netscape, and any Windows Login dialog. Windows 2000/NT/9x. Automatic Login.

21 SPD21 Demo Demonstrate Smart Card Login on Windows 2000 And secure screen lock

22 SPD22 Demo 1-2 After Windows boot, SLB GINA dialog is displayed On card insertion, user is prompted for PIN verification If successful, access is granted to desktop and related networks

23 SPD23 Demo 2-2 On card removal (typically when the user walks away from his computer), the computer locks itself automatically It is unlocked using the same process as initial logon (PIN verification

24 SPD24 SC & Reader Card Software DirectoryCA Policy Server CMS Physical Access Technical Consulting Custom Applications E- Commerce VPN Loyalty Design & Integration Project Management Deployment Training 24x7 Help Desk Schlumberger’s total solution

25 SPD25 Smart Badge Movie

26 SPD26 Q & As Questions and Answers

Download ppt "SPD1 Improving Security and Access to Network with Smart Badge Eril Pasaribu CISA,CISSP Security Consultant."

Similar presentations

What is. Digital Certificate It is an identity.

What is. Digital Certificate It is an identity.
Public Key Infrastructure and Applications

Public Key Infrastructure and Applications
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.

Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services.

© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.

Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.
PKI Implementation in the Real World

PKI Implementation in the Real World
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
Grid Security. Typical Grid Scenario Users Resources.

Grid Security. Typical Grid Scenario Users Resources.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.

Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
Mobile Credentials Ennio J. Carboni Product Manager, Keon PKI

Mobile Credentials Ennio J. Carboni Product Manager, Keon PKI
Kerberos and PKI Cooperation Daniel Kouřil, Luděk Matyska, Michal Procházka Masaryk University AFS & Kerberos Best Practices Workshop 2006.

Kerberos and PKI Cooperation Daniel Kouřil, Luděk Matyska, Michal Procházka Masaryk University AFS & Kerberos Best Practices Workshop 2006.
Authentication choices! Vincent van Kooten: Business Sales Manager Benelux Distributed by -

Authentication choices! Vincent van Kooten: Business Sales Manager Benelux Distributed by -
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.

Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.

Similar presentations

Ads by Google