  • Future HCI may include involuntary “saccades” of the eyes for verifying recognition

Presentation Transcript

  • Future Directions in User Authentication. Burt Kaliski, RSA Laboratories. Presented at Beijing University, April 10, 2006
  • Introduction
    • User authentication is a cornerstone of IT security, one that is changing rapidly
    • Many areas of technology development will have a significant impact on user authentication over the next decade
    • Here, I’ll offer a researcher’s perspective on five of those areas, with examples among RSA Security’s products
    • We’ll also envision a day in the life of a future user, “Sally Surfer”
    • Based on presentation given at IT-Defense 2005
  • #1: Trusted Computing
    • PDAs, WLAN cards, and DRM devices are good examples today of user authentication built upon device authentication
    • Trusted computing offers the promise that the device can authenticate the user on behalf of the network
    Users will authenticate through trusted computing platforms, which will in turn represent the user to the network
    • Will trusted computing platforms be sufficiently trusted to authenticate future users directly, or will some network verification still be involved?
    • How will the many associations between users and devices be managed?
    • RSA® Sign-On Manager and RSA SecurID® for Microsoft® Windows® are initial steps toward the trusted desktop concept
  • #2: RFID and Other Wireless Authenticators
    • e-Passports incorporate RFID chips; NIST’s Personal Identity Verification card combines a smart card with an ISO 14443 proximity card
    • RFID for supply chain tracking is already leading to wireless user authenticators, e.g., VeriChip™
    Users will authenticate via RFID and other wireless devices, as logical and physical authentication technologies converge
    • Users will authenticate to buildings via wireless; will they also authenticate directly via wireless to the desktop?
    • Will mobile phones be the wireless authenticators of the future, or will they just be another device to unlock? Or both?
    • RSA SecurID® 5100 smart card supports proximity authentication
    • RSA Professional Services has launched an RFID security & privacy consulting service
  • Belly-Button Ring Identifiers
    • If your mobile phone is your future authenticator, how do you authenticate to your mobile phone?
    • One possibility is based on MIT’s “beeper-based” signature concept (R. Rivest, A. Lysyanskaya)
      • “Beeper” that you wear — maybe a belly button ring? — sends low-power signal to your phone
      • Fresh signal required for phone to generate digital signatures — otherwise phone won’t sign
    • Beeper can authenticate you to your phone, and/or you and your phone to the network
  • Privacy Considerations
    • If a beeper authenticates you to your phone, how do you keep it from identifying you to someone else?
    • Problem is quite similar to that for RFID tags, and solutions developed there may apply here as well
    • Basic privacy design principles:
      • Simple devices like “belly button rings” should only identify themselves to one’s local, personal devices, e.g. mobile phone
      • More powerful devices like phones can then make informed decisions about whether to identify the user elsewhere
    • Practical privacy and authentication solutions for these settings remain a research challenge
  • Application: Proximity Cards
    • Electronic “belly button rings” aren’t here yet, but wireless proximity devices are becoming widespread
    • Without appropriate protections, a proximity card will identify itself to any reader that interfaces with it
      • Significant privacy and security risks, depending on what the “identity” contains
      • Even with a random identifier, tracking and cloning are still a concern
    • ISO 14443 and basic RFID tag specifications offer little protection, but privacy-enhancing technologies are available
      • Examples: foil pouches, blocker tags, minimalist cryptography
  • #3: Knowledge-Based Authentication
    • “Life questions” are quite common already for password reset, as well as account enrollment
    • Human-computer interfaces offer new possibilities for authentication, e.g., Passfaces™
    Users will authenticate based on what they know — and what they’re able to do — in new and sophisticated ways
    • How will the security of “knowledge” be measured — and who will be the keepers of the knowledge?
    • What other HCI can be relied on, as knowledge and biometrics converge?
    • IntelliAccess™ technology in RSA Sign-On Manager embodies several early results of our research on life questions
  • Life Questions: from Art to Science
    • Few metrics have been established on the security of answers to specific life questions, which depends on factors such as:
      • User demographics
      • Attacker’s resources
      • Attacker’s relationship to the user
    • Further research on the security of life questions and other forms of KBA is needed to have a solid foundation
    • Also to be considered: How to verify the answers, while minimizing their exposure at the verifier
      • Ideally, without seeing or storing them
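An added illustration of the two points on this slide, not from the talk or any RSA product: a constructed Python model in which the verifier keeps only a salt and a slow hash of a canonicalised life-question answer (so it never stores the answer itself), plus the two metrics a "science of life questions" would start from, computed over a constructed population distribution of answers. The normalisation rules, iteration count and sample population are assumptions for the demo.

```python
import hashlib, hmac, math, os, re, unicodedata
from collections import Counter

# Constructed demo: hashed-only storage of life-question answers and
# guessing metrics over a constructed answer distribution.

def normalize(answer: str) -> str:
    """Canonicalise so harmless variation ("St. Mary's" vs "st marys") is
    not a false reject. The rules are an assumption chosen for this demo."""
    ascii_form = unicodedata.normalize("NFKD", answer).encode("ascii", "ignore").decode()
    return re.sub(r"[^a-z0-9]", "", ascii_form.lower())

def enroll(answer: str, salt: bytes = b"") -> tuple:
    """Verifier side: keep only a random salt and a slow hash, never the answer."""
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", normalize(answer).encode(), salt, 200_000)

def verify(answer: str, record: tuple) -> bool:
    salt, digest = record
    cand = hashlib.pbkdf2_hmac("sha256", normalize(answer).encode(), salt, 200_000)
    return hmac.compare_digest(cand, digest)  # constant-time comparison

def guess_success(answer_counts: Counter, guesses: int) -> float:
    """Probability that an attacker who knows only the population distribution
    (not this user) succeeds within `guesses` tries: the mass of the top answers."""
    total = sum(answer_counts.values())
    return sum(c for _, c in answer_counts.most_common(guesses)) / total

def min_entropy_bits(answer_counts: Counter) -> float:
    """Min-entropy: -log2 of the probability of the single most common answer."""
    total = sum(answer_counts.values())
    return -math.log2(max(answer_counts.values()) / total)

def pet_name_population() -> Counter:
    """Constructed answers to "first pet's name" from 1000 users: five popular
    names plus 600 users with a name nobody else gave."""
    counts = Counter({"max": 120, "bella": 90, "charlie": 80, "lucy": 60, "rocky": 50})
    counts.update({f"unique{i}": 1 for i in range(600)})
    return counts

if __name__ == "__main__":
    pop = pet_name_population()
    print(f"3 guesses succeed with p={guess_success(pop, 3):.2f}; "
          f"min-entropy {min_entropy_bits(pop):.2f} bits")
    rec = enroll("St. Mary's")
    print(verify("st marys", rec), verify("st peters", rec))
```

The metrics make the slide's point concrete: a question whose most popular answer covers 12% of users gives about 3 bits of min-entropy regardless of how the answer is stored.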
  • #4: Anonymity
    • Trusted Computing Group’s Direct Anonymous Attestation (Brickell et al.) is an important step in this direction: device proves group membership without revealing its identity
    • Chaumian constructs still hold much promise!
    Users will authenticate anonymously in many cases: as to their privileges, not necessarily their identities
    • Identity federation provides simple anonymity via pseudonyms; will more sophisticated solutions be needed?
    • Will anonymous authentication be the norm (perhaps revocable in case of dispute), or will it be the exception?
    • Identity federation in RSA ClearTrust® provides simple anonymity via pseudonyms, following SAML
  • #5: Password Protection
    • Though better password protocols are available (EKE, SPEKE, SNAPI, etc.), passwords are still typically sent in the clear to applications that request them — whether trustworthy or not
    • Hashing is also an option (Stanford PwdHash plug-in)
    Users will authenticate with passwords sometimes, but the passwords will be better protected, and it will be mutual
    • Will password authentication be standardized, so that better protocols can be applied by default? How will such protocols be integrated with server certificates and SSL?
    • Will desktop password managers obviate the need for direct user knowledge of passwords?
    • Phishing countermeasures have been a major focus of research in the CTO’s office
    • RSA Sign-On Manager offers a platform for this better kind of password protection
    • RSA/Cyota risk-based authentication and the eFraud Network™ enhance password authentication via profiling, challenge questions, call-back, etc.
    • eStamp™ offers simple mutual authentication
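An added Python model of the per-site hashing idea the slide credits to the Stanford PwdHash plug-in; this is constructed for illustration and is not the plug-in's own algorithm. The site-key rule (last two host labels) and the HMAC construction are assumptions. It shows why the value a look-alike phishing domain captures is useless at the real site, and that the site itself only ever stores a salted slow hash of what it received.

```python
import base64, hashlib, hmac, os
from urllib.parse import urlsplit

# Constructed demo in the spirit of per-site password hashing (PwdHash-like).
# NOT the plug-in's algorithm: site_key() and the HMAC choice are assumptions.

def site_key(url: str) -> str:
    """Reduce a URL to the site name the hash is bound to. Assumption: the last
    two host labels identify the site (real deployments need a public-suffix list)."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    return ".".join(host.split(".")[-2:])

def site_password(master: str, url: str, length: int = 16) -> str:
    """What the browser types into the site's password field: an HMAC of the
    site key under the master password. The master never leaves the client."""
    mac = hmac.new(master.encode(), site_key(url).encode(), hashlib.sha256).digest()
    return base64.urlsafe_b64encode(mac).decode().rstrip("=")[:length]

def enroll(site_pw: str, salt: bytes = b"") -> tuple:
    """Server side: store only a random salt and a slow hash of the received value."""
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", site_pw.encode(), salt, 100_000)

def verify(site_pw: str, record: tuple) -> bool:
    salt, digest = record
    cand = hashlib.pbkdf2_hmac("sha256", site_pw.encode(), salt, 100_000)
    return hmac.compare_digest(cand, digest)

def phished_value_reusable(master: str, phish_url: str, record: tuple) -> bool:
    """Would the value captured by a look-alike site log in at the legitimate one?
    The look-alike receives a hash bound to its own site key, not the bank's."""
    captured = site_password(master, phish_url)
    return verify(captured, record)

if __name__ == "__main__":
    master = "correct horse battery staple"    # constructed master password
    legit = "https://www.banksrus.com/login"   # the talk's example bank, BanksRUs.com
    rec = enroll(site_password(master, legit))
    print("same site, other page:", verify(site_password(master, "https://banksrus.com/"), rec))
    print("phished value reusable:",
          phished_value_reusable(master, "https://banksrus.com.login-check.example/", rec))
```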
  • Summary of the Five Areas
    • Future users will authenticate …
    • through trusted computing platforms, which will in turn represent the user to the network
    • via RFID and other wireless devices, as logical and physical authentication technologies converge
    • based on what they know — and what they’re able to do — in new and sophisticated ways
    • anonymously in many cases: as to their privileges, not necessarily their identities
    • with passwords sometimes, but the passwords will be better protected, and the authentication will be mutual
  • Many Other Areas
    • I’ve highlighted some of the technologies that will affect user authentication. There are many others that one could cover:
      • Identity federation
      • One-time passwords and PKI authentication
      • Biometrics
      • Age-group recognition (e.g., i-Mature)
      • CAPTCHA™s (Completely Automated Public Turing tests to tell Computers and Humans Apart)
    • Additional options will emerge for user authentication as information technology matures. What will tomorrow’s users experience?
  • Aside: Business Futures
    • Four complementary trends will also affect the landscape as the diverse set of authentication technologies matures:
      • Hardware manufacturers will compete with an array of different containers as particular technologies become commoditized
      • Identity providers will add a menu of related services from fulfillment to help desk support
      • Application providers will establish all kinds of markets on the foundation of strongly authenticated identities
      • Business models will become the focus as authentication transforms from a technology into a standardized service
  • A Day in the Life of Sally Surfer
  • At Home in the Morning
    • Sally signs into her home computer
      • She authenticates with her RFID “beeper”
    • She checks her personal e-mail
      • The computer authenticates Sally to her Internet service provider, and downloads her mail
    • Sally pays a bill at BanksRUs.com
      • Sally’s ISP federates her authentication to the bank
    • Her computer signs her off automatically when she leaves
  • On the Road
    • Sally drives to work, pays tolls by the km
      • She authenticates to her car via her beeper
      • Her car authenticates her and pays the toll (anonymously?) via a wireless protocol
    • She parks in the underground parking lot
      • Her car again authenticates her to the parking lot
    • She enters the office building and takes the elevator to her office
      • She authenticates to security checkpoints with her employee badge via RFID
  • At the Office
    • Sally signs into her office computer
      • She authenticates with her employee badge, which unlocks her passwords and credentials
    • It’s a typical day’s work: sending e-mail, running applications, accessing corporate resources
      • Her computer authenticates her seamlessly via passwords, credentials, identity federation
      • Her badge is checked occasionally for extra assurance
    • She prints her itinerary for tomorrow’s trip
      • The airline site isn’t yet linked to her corporate identity, so she authenticates with her knowledge: dates, cities, frequent flyer number
  • The End of Another Day
    • Sally drops by Alta Beach Club to visit with friends
      • She authenticates to the VIP area with an RFID tag
    • At home, she checks her old account at Retro Bank
      • She authenticates with a better protected password
    • Sally requests investment advice from NoBubble.com
      • She authenticates anonymously, proving her prepaid subscription
    • Sally sleeps peacefully — confident that her electronic identity is protected by strong, convenient user authentication
  • Conclusions
    • As strong user authentication becomes more important, technologies to achieve it will become more convenient
    • Much research is still needed on these technologies, and how they’ll be put into practice
    • Managing the various approaches in a way that is seamless, reliable and measurable will be a key to successful future user authentication
    • With that success, we’ll all experience the ease of Sally Surfer, making the most of the information technologies available for us to do our work
  • Contact Information
    • Burt Kaliski, Vice President of Research, RSA Security; Chief Scientist, RSA Laboratories; [email_address]; www.rsasecurity.com/rsalabs