CIS14: Authentication: Elderly People's Ankles

Josh Alexander, Toopher

Discussion of precisely why modern approaches to user authentication fail and how we can add bandwidth to our perspective to prevent attacks without the hindering aspects that ruin user experience.

Published in Technology

Transcript

  • 1. Elderly People’s Ankles
  • 2. Characterizing Artifacts of Legacy Security Technology and Their Effects on Modern Applications of Authentication and Authorization
  • 3. Hi.
  • 4. Nay @toopherjosh
  • 5. Ian Glazer and I have a bet…
  • 6. Who can use the most slides without affecting quality?
  • 7. I
  • 8. will
  • 9. win.
  • 10. Let’s get to it –
  • 11. Picture of “children”
  • 12. Let’s play a game.
  • 13. Seriously… I’ll wait until you agree…
  • 14. Picture 1.2
  • 15. Picture 1.1
  • 16. Picture 2.1
  • 17. Picture 2.2
  • 18. Picture 2.2
  • 19. Picture 2.2
  • 20. Statistics
  • 21. µ
  • 22. σ
  • 23. The null
  • 24. There is a 68% chance this is boring.
  • 25. A long long time ago…
  • 26. In the year 2000…
  • 27. Don’t judge – you had one too.
  • 28. Where even the water has calories
  • 29. null hypothesis = you are a good person
  • 30. You are a terrorist.
  • 31. null hypothesis = you are a terrorist.
  • 32. You are a terrorist shoe bomber.
  • 33. null hypothesis = you are a shoe bomber.
  • 34. elderly people’s ankles
  • 35. elderly people’s ankles
  • 36. EPA
  • 37. Picture 3.1
  • 38. Picture 3.2
  • 39. You are not you.
  • 40. You are not you.
  • 41. You are not you.
  • 42. null hypothesis = you are not you.
  • 43. you are not you.
  • 44. you are not you. your user
  • 45. you are not you. your user customer
  • 46. 1 act play
  • 47. Act 1 <login>
  • 48. 3 act play
  • 49. Act 1 <login>
  • 50. Act 2 <action>
  • 51. Act 3 <logout>
  • 52. Yes… I totally had to look all that up on wiki
  • 53. ?
  • 54. Act 1 <login>
  • 55. Act 2 <action>
  • 56. <Act 1>
  • 57. Act 1 <login>
  • 58. Act 2 <action>
  • 59. A Happy Ending?
  • 60. Repetition Poisoning
  • 61. We retain the right to rename your kids
  • 62. Repetition Poisoning
  • 63. Repetition Poisoning Test
  • 64. ILK BILK SILK
  • 65. What fiber do SILKworms produce?
  • 66. ILK BILK SILK
  • 67. ILK BILK SILK
  • 68. What’s another word for DEFRAUD?
  • 69. ILK BILK SILK
  • 70. ILK BILK SILK
  • 71. What’s a word to describe a person or thing similar to which you’ve previously referred?
  • 72. ILK BILK SILK
  • 73. ILK BILK SILK
  • 74. What do cows drink?
  • 75. Wrong.
  • 76. Cows drink water.
  • 77. </Act 1>
  • 78. <Act 2>
  • 79. ?
  • 80. <Act 2.1>
  • 81. U/P + device recognition < MITB
  • 82. U/P + device recognition < Zeus
  • 83. 1 / 30 days
  • 84. 3-4 times per day
  • 85. MFA @ 1%
  • 86. invisibility ≠ omission
  • 87. </Act 2.1>
  • 88. <Act 2.2>
  • 89. ?
  • 90. UX
  • 91. UX → optimized
  • 92. UX → optimized = no modification to human behavior
  • 93. Context
  • 94. </Act 2.2>
  • 95. <Act 2.31>
  • 96. Identity is valuable.
  • 97. Identity, Inc.; NYSE: IDNT
  • 98. Yeah you are.
  • 99. </Act 2.31>
  • 100. <Act 2.32>
  • 101. The Internet of Things (IoT)
  • 102. The Internet of Things (IoT) <groan>
  • 103. Relying Party Benefit User Benefit
  • 104. Relying Party Benefit User Benefit
  • 105. Context creates invisibility.
  • 106. Invisibility enables security.
  • 107. </Act 2.32>
  • 108. <Act 3>
  • 109. Act 3 <logout>
  • 110. ?
  • 111. Optimize UX
  • 112. Context creates invisibility.
  • 113. Invisibility enables security.
  • 114. </Act 3>
  • 115. Session Login / Critical Action / Session Logout
  • 116. Shift in perspective can identify EPAs
  • 117. Invisibility enables security.
  • 118. Great. So what do I do?
  • 119. Laws of Modern MFA
  • 120. 1. Tell the user what you’re doing.
  • 121. 2. Communicate completely out of band.
  • 122. 3. Get out of their way (invisibility)
  • 123. Laws of Modern MFA: 1. Tell the user what you’re doing. 2. Communicate completely out of band. 3. Get out of their way (invisibility)
  • 124. @toopherjosh Thanks.