Using a Smartphone to Access Personalised Web Services on a Workstation


  1. Faysal Boukayoua, KaHo Sint-Lieven, Ghent. IFIP Summer school, Trento, 07/09/2011
  2. • Motivation
     • Application Overview
     • Implementation
     • Evaluation
       ◦ Attacks
       ◦ Comparison
     • Future work
  3. Passwords
     • Weak security
     • Can be stolen by malware
     • Human memory limitations
     • No attribute provisioning
  4. Smartcards
     • Suitable hardware required
     • Proliferation vs. usability
     • Trust in workstation (PIN)
  5. Security tokens
     • Hardware cost
     • Software tokens prone to malware
     • Proliferation vs. usability
     • No selective attribute disclosure
  6. 2-factor SMS authentication
     • Password/token mgmt
     • 2G GSM security questionable
     • Part of credentials still malware-prone
  7. Federated Identity Management
     • Limited user control
     • Identity provider can profile users
     • One identity provider per user
     • User impersonation
     • Password/token mgmt
  8. • More mobility & more computers
     • Smartphones omnipresent
     • Mobile Internet penetration
  9. User, Service provider, Identity provider
     • Ubiquitous access to Web services
     • Obtain reliable user info
     • Provide reliable user info
     • Security & privacy
     • Authenticated
     • Personalisation provisioning
  10. • What?
        ◦ 2-dimensional barcodes
        ◦ ~ 600 bytes of data
      • Why?
        ◦ Camera common in modern phones
        ◦ Every workstation has a screen…
  11. Participants: User, Trusted module, Workstation, Web Server
      1. Go to Web service
      2. Request Web service
      3. Auth challenge (QR)
      4. Auth challenge (QR scan)
      5. Ask for consent
      6. Review & give consent
      alt [consent given]
      7. Mutually authenticate (out-of-band)
      8. Confirm authentication
      [else]
      7. Abort
  12. • Tamperproof
      • Strong cryptography
      • Secure credential storage
      • Giesecke & Devrient Mobile Security Card SE 1.0
  13. (Diagram labels: SPi, IDX)
      • Trusted module is mediator between
        ◦ Identity providers
        ◦ Service providers
      • Access to attributes controlled by
        ◦ external authorities: certificates
        ◦ user consent
  14. • Privacy properties
        ◦ No profiling
          ▪ by identity providers
          ▪ by colluding providers
        ◦ Access control to personal information
          ▪ by audit authority
          ▪ by user
        ◦ No user impersonation
  15. • Samsung Galaxy S
      • Android 2.2.1
      • 3G connection
      • Trusted module in SD card slot
  16. • Authentication valve as Tomcat filter
      • No modifications, only extensions
      • Required attributes list
      • Secure, authentic channel with trusted module
  17. • Simple webservice
      • Attribute provisioning
      • Secure authentic channel with trusted module
  18. Assumptions:
      ◦ Trust in phone software while physically in presence of user
      ◦ Access control & authorisation out of scope
  19. MODEL 1: Physical control over phone.
      ◦ Secure credential storage
      ◦ Tamperproof trusted module
      ◦ PIN authentication
      ◦ Revocation
  20. MODEL 2: malware controls workstation INCLUDING browser
      ◦ Credentials stored on trusted module
      ◦ Authentication out-of-band
      ◦ Feedback on phone
  21. MODEL 3: malware controls workstation EXCEPT browser
      ◦ Credentials stored on trusted module
      ◦ Authentication out-of-band
      ◦ Feedback on phone
      ◦ Malware cannot make user authenticate wrong session
  22. MODEL 4: active and passive network eavesdropping

      | From                    | To                | Channel                  |
      |-------------------------|-------------------|--------------------------|
      | Workstation             | Service provider  | HTTP over TLS            |
      | Trusted module on phone | Service provider  | Secure authentic channel |
      | Trusted module on phone | Identity provider | Secure authentic channel |

  23. Comparison with other authentication means

      |                                  | Password | Smartcard     | Software token | Hardware token | Our solution |
      |----------------------------------|----------|---------------|----------------|----------------|--------------|
      | Strong security                  | No       | Yes           | Yes            | Yes            | Yes          |
      | Selective attribute disclosure   | No       | Typically not | No             | No             | Yes          |
      | Proliferation vs. usability      |          |               |                |                |              |
      | Trust in workstation             | Yes      | Sometimes     | Yes            | No             | No           |
      | Changes to workstation           | No       | Sometimes     | Yes            | No             | No           |
      | Marginal hardware cost / new SP  | Zero     | >= 0          | Zero           | >0             | Zero         |

  24. Comparison with identity management systems

      |                                       | Traditional authentication | OpenID | Shibboleth   | Windows Cardspace | Our solution |
      |---------------------------------------|----------------------------|--------|--------------|-------------------|--------------|
      | Multiple IDPs / user                  | No                         | No     | No           | Yes               | Yes          |
      | Profiling by colluding IDPs & SPs     | n/a                        | Yes    | Yes          | No                | No           |
      | Phishing attacks                      | Yes                        | Yes    | Yes          | No                | No           |
      | User-controlled attribute disclosure  | No                         | No     | Using plugin | Yes               | Yes          |
      | Portability                           |                            |        |              |                   |              |

  25. • Enforcement of trusted code in phone
      • Standards interoperability
      • Automate authentication decisions (policies)
      • Integration in advanced Web apps
      • Other short-range protocols
      • Detailed performance statistics
      • Registration, backup & revocation strategies
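
The sketch below is an added example, not the authors' implementation. It shows how a one-time challenge in the QR code (slide 11, steps 3 to 8) can tie the phone's out-of-band reply to exactly one browser session, and how the trusted module releases only the requested attributes after consent. The JSON field names, the nonce, the TTL and the `channel_peer` argument (standing in for the identity authenticated on the secure out-of-band channel) are all assumptions.

```python
import json
import secrets
import time

QR_MAX_BYTES = 600  # approximate QR capacity quoted on slide 10


class ServiceProvider:
    """Web server side: issues QR challenges, binds phone replies to browser sessions."""

    def __init__(self, sp_id, required_attrs, ttl=60):
        self.sp_id, self.required, self.ttl = sp_id, list(required_attrs), ttl
        self.pending = {}  # nonce -> (browser session id, expiry time)

    def challenge(self, browser_session, now=None):
        """Step 3: payload the workstation browser displays as a QR code."""
        now = time.time() if now is None else now
        nonce = secrets.token_urlsafe(16)
        self.pending[nonce] = (browser_session, now + self.ttl)
        payload = json.dumps(
            {"sp": self.sp_id, "nonce": nonce, "attrs": self.required}).encode()
        if len(payload) > QR_MAX_BYTES:
            raise ValueError("challenge does not fit in one QR code")
        return payload

    def confirm(self, nonce, attrs, now=None):
        """Steps 7-8: reply arriving over the (assumed authenticated) phone channel."""
        now = time.time() if now is None else now
        session, expiry = self.pending.pop(nonce, (None, 0))  # nonce is single use
        if session is None or now > expiry or set(attrs) != set(self.required):
            return None
        return session  # the browser session that is now authenticated


class TrustedModule:
    """Phone side: holds the attributes, releases only what was asked and consented to."""

    def __init__(self, attributes):
        self.attributes = dict(attributes)

    def respond(self, qr_payload, channel_peer, consent):
        """Steps 4-7: returns (nonce, released attributes), or None on abort."""
        ch = json.loads(qr_payload)
        if ch["sp"] != channel_peer:  # QR must name the peer authenticated out-of-band
            return None
        if any(a not in self.attributes for a in ch["attrs"]):
            return None
        if not consent(ch["sp"], ch["attrs"]):  # steps 5-6: user reviews the request
            return None
        return ch["nonce"], {a: self.attributes[a] for a in ch["attrs"]}
```

Because `confirm` removes the nonce before checking it, a replayed or expired reply never authenticates a session, and a reply can only ever unlock the browser session the challenge was issued for.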