2014 IoT Forum_ Fido Alliance

Topic: Scaling Authentication to the Internet of Things
Speaker: Ramesh Kesanupalli (Visionary Fido Alliance)

Published in: Technology

  1. STRONG AUTHENTICATION & THE CLOUD – FIDO ALLIANCE. RAMESH KESANUPALLI, FOUNDER, NOK NOK LABS, FIDO VISIONARY
  2. CONNECTED WORLD: Everything Authenticates. 50 Billion Connected Devices (by 2020). 60 Billion Apps downloaded (Apple App Store, Oct 2013). Internet of Things; Mobile Payments; Books; Personalized content; M-Commerce; Music; Cloud Services; Social networks; Financial services; Medical records; Connected Devices Hub
  3. RAMPANT ONLINE ATTACKS
     •  Major hacks have been targeted at password databases within Online Gaming, Financial Services, Social Media organizations
     •  Password Re-use is a significant problem – technical analysis of data breaches has shown that 76% of passwords are used across multiple sites.
  4. IDENTITY AND AUTHENTICATION LANDSCAPE
     •  99% OF ONLINE ATTACKS AND IDENTITY THEFT ARE CONNECTED TO PASSWORD THEFT
     •  CURRENT TWO FACTOR SOLUTIONS RIDE ON TOP OF PASSWORDS AND ARE: EXPENSIVE; COMPLEX; DO NOT SCALE; PROPRIETARY; TOO COMPLICATED TO DEPLOY OR SWITCH
     •  NO SCALABLE CONSUMER AUTHENTICATION SOLUTION
     •  HIGHER SECURITY TODAY REQUIRES MORE TRANSACTION FRICTION
     ACCOUNT NAME AND PASSWORDS DO NOT WORK ON MOBILE DEVICES
     CLOUD SERVICES NEED STRONG AUTHENTICATION TO MITIGATE RISKS
     Authentication is KEY - whether it is User to Device, User to Service, Device to Device, Device to Service
  5. TODAY’S AUTHENTICATION SOLUTIONS FALL SHORT: Easy but WEAK; DIFFICULT but Strong; Easy to Use AND Strong: Desired!!
  6. COMMON AUTHENTICATION PLUMBING: Users; Cloud/Enterprise; Devices; Federation; Open Standard; Plug-In Approach; Interoperable Ecosystem; Usable Authentication; WHAT IS NEEDED
  7. VISIONARIES: MICHAEL BARRETT, FORMER CHIEF INFORMATION SECURITY OFFICER; RAMESH KESANUPALLI, FORMER CTO; TAHER ELGAMAL, INVENTOR OF SSL; CURRENTLY FOUNDER, CHIEF ALLIANCES OFFICER AND FIDO VISIONARY; CURRENTLY CTO SECURITY; CURRENTLY BOARD MEMBER; PHIL DUNKELBERGER, FORMER CEO, CURRENTLY PRESIDENT AND CEO
  8. INDUSTRY COOPERATION REQUIRED: NO ONE COMPANY CAN FIX THE PROBLEM. 15 MONTHS AGO: PUBLIC LAUNCH
  9. FIDO’S EXPLOSIVE GROWTH: Feb 2013: 6 Companies, Public Launch; May 2014: 118 Companies, Public Review Spec; Next: Industry Standard
  10. [No text on slide]
  11. THE FIDO ALLIANCE AND NOK NOK LABS: Standards; Products; Industry Standard Protocol; “FIDO Ready™”; FIRST FIDO Ready™ Server and Client Software: NNL S3 Suite; Key Industry Partnerships
  12. FIDO - UNIQUE APPROACH: Any Device. Any Application. Any Authenticator. Standardized Protocols. Local authentication unlocks app specific key. Key used to authenticate to server.
  13. MORE SECURE AUTHENTICATION: Unique Cryptographic Secrets (User, Account, Device, Site)
     •  Feature: Unique key per user/device/site. Security Benefit: Segmentation of risk
     •  Feature: High-entropy asymmetric keys instead of passwords. Security Benefit: Protection against dictionary, brute force attacks
     •  Feature: Secrets not exposed to user. Security Benefit: Protection against phishing, key logging, shoulder surfing
  14. FUTURE PROOF: Standardized Protocol. Plugin any authentication method on device. 1. Decouple Method <-> Protocol; 2. Standardize Protocol. Authentication clients for any device
  15. REDUCED COST & COMPLEXITY: Single Infrastructure; Any Device; Risk Appropriate; Lower Cost & Complexity
  16. USABILITY & DIVERSITY: Usability; Usage
     •  No passwords
     •  Existing devices
     •  Flexible authentication
     •  Engagement
     •  Completed transactions
     •  Security compliance
     Drives; Aspirational Goal
  17. FIDO SOLUTIONS DEMONSTRATED AT INDUSTRY EVENTS: SIM as Secure Element; Fingerprint, TEE, Mobile; Speaker Recognition; Mobile via NFC; PIN + MicroSD; USB
  18. FIDO-READY™ PRODUCTS SHIPPING TODAY
     •  OEM Enabled: Lenovo ThinkPads with Fingerprint Sensors
     •  OEM Enabled: Samsung Galaxy S5
     •  Clients available for these operating systems:
     •  Software Authenticator Examples: Speaker/Face recognition, PIN, QR Code, etc.
     •  Aftermarket Hardware Authenticator Examples: USB fingerprint scanner, MicroSD Secure Element
  19. CALL TO ACTION
     •  AUTHENTICATION IS A FUNDAMENTAL PROBLEM AND IT IS AN INDUSTRY PROBLEM
     •  NO ONE COMPANY CAN FIX THIS PROBLEM, JOIN THE FIDO ALLIANCE & HELP FIX IT TOGETHER
     •  OPPORTUNITY TO CREATE NEW SERVICES, NEW MARKETS, NEW INNOVATIONS, NEW BUSINESSES AND NEW REVENUE MODELS
     •  TAKE THE LEADERSHIP, INCLUDE FIDO SUPPORT AT THE SOURCE ON YOUR DEVICES
     •  FIDO READY™ COMMERCIAL PRODUCTS ARE AVAILABLE IN THE MARKET
     •  MAKE THE CONNECTED WORLD SECURE, PRIVATE, FRAUD FREE, EASY TO USE AND STAY CONNECTED
  20. THANKS! Email: ramesh@noknok.com https://www.youtube.com/watch?v=ffLERYgteJQ Sponsored By