SlideShare a Scribd company logo

Sice2011 cdam by aladdin dandis (final)

Aladdin Dandis
Aladdin Dandis

Aladdin Dandis Speak 2011 - Algeria Introducing CDAM Ver 2.0

Presentations & Public Speaking
1 of 18
Download to read offline
Concurrent Distributed Authentication Model (CDAM) Aladdin T. Dandis Information Security Compliance Officer Jordan eGovernment Program / MoICT 1Aladdin T. Dandis / SICE2011 - Algeria
Agenda  Introduction  CDAM Ver. 1.0  Pros and Cons  CDAM Ver. 2.0  Pros and Cons  Conclusions 2Aladdin T. Dandis / SICE2011 - Algeria
Introduction  This project was originally concerned about applying security and privacy considerations in school systems.  The system is a web-database application.  The target client was a private school in Amman.  Problem  the old system lacks security and privacy considerations. 3Aladdin T. Dandis / SICE2011 - Algeria
Security  A number of processes and technologies applied to prevent unauthorized parties from accessing sensitive resources Privacy  The human right to control and manage data about himself, without being monitored by other parties 4 Security Vs Privacy Aladdin T. Dandis / SICE2011 - Algeria
CDAM Ver. 1.0 5Aladdin T. Dandis / SICE2011 - Algeria
Overview  What?  Concurrent Distributed Authentication Model  Why?  To authenticate online users.  How?  The username and password will be checked in many separate authentication database servers rather than one. 6Aladdin T. Dandis / SICE2011 - Algeria
Architecture 7Aladdin T. Dandis / SICE2011 - Algeria S1 Sender Unit Logging Unit Comparison Unit S2 S3 User Legitimate Login False Login to 'Honey Pot' Authentication Servers Farm The Object System False System
Characteristics  Authentication model  Built-in Authorization  Authentication token is used:  Token  Role + Real User Name = Role User Name  Example  Student + Ahmad.d = SAhmad.d 8Aladdin T. Dandis / SICE2011 - Algeria
Authentication & Authorization Algorithms 9Aladdin T. Dandis / SICE2011 - Algeria Enter UserName, Password and Role Check for the requested object Extract Role from the Token Check ACLs for the Role Authorize User Deny user and direct to HoneyPot Authorization Module Calculate the Hash Take the first 5 characters of the hash Take integer values for username and password and Role Check the 5 characters hash Server 1 Server 2 Server 3 Authentication Server Farm ASF Authentication Module Y Y Y N N
Pros  Compromising one authentication server will not affect authentication  Using Hashing  Light authentication Cons  Repeated Cipher patterns  No proof of origin  Denial of service  Vulnerable to sniffers  Homemade hashing algorithm 10 Pros and Cons Aladdin T. Dandis / SICE2011 - Algeria
CDAM Ver. 2.0 11Aladdin T. Dandis / SICE2011 - Algeria
Overview  Overcome Cons in CDAM Ver. 1.0  Still under coding and testing  Scalable for web applications  Multiple open standard and strong encryption algorithms  M:N authentication acceptance 12Aladdin T. Dandis / SICE2011 - Algeria
Architecture 13Aladdin T. Dandis / SICE2011 - Algeria S1 Sender Unit Logging Unit Comparison Unit S2 S3 User Legitimate Login False Login to 'Honey Pot' Authentication Servers Farm The Object System False System
Architecture 14Aladdin T. Dandis / SICE2011 - Algeria S1 Sender Unit Logging Unit Comparison Unit S2 S3 User Legitimate Login False Login to 'Honey Pot' Authentication Servers Farm The Object System False System
Architecture 15Aladdin T. Dandis / SICE2011 - Algeria S1 Sender Unit Logging Unit Comparison Unit S2 S3 User Legitimate Login False Login to 'Honey Pot' Authentication Servers Farm The Object System False System Hashing Algorithm 1 Hashing Algorithm 2 Hashing Algorithm 3
Pros  Compromising one authentication server will not affect authentication  Using Hashing  Light authentication Cons  Repeated Cipher patterns  No proof of origin  Denial of service  Vulnerable to sniffers  Homemade hashing algorithm 16 Evaluation Remedy  Full cipher is written  SSL Certificate  M:N  Encrypted channels  Open standard hashing algorithms Aladdin T. Dandis / SICE2011 - Algeria
Future Work  Integration with OTP  Integration with Smart Card Systems 17Aladdin T. Dandis / SICE2011 - Algeria
Thank You aladdin.d@moict.gov.jo 18Aladdin T. Dandis / SICE2011 - Algeria

Recommended

Iasi code camp 12 october 2013 ana tudosa - challenges in implementing and ...
Iasi code camp 12 october 2013 ana tudosa - challenges in implementing and ...Iasi code camp 12 october 2013 ana tudosa - challenges in implementing and ...
Iasi code camp 12 october 2013 ana tudosa - challenges in implementing and ...Codecamp Romania
 
End-to-End Identity Management
End-to-End Identity ManagementEnd-to-End Identity Management
End-to-End Identity ManagementWSO2
 
Clear Pci Vulnerability Scans Web2
Clear Pci Vulnerability Scans Web2Clear Pci Vulnerability Scans Web2
Clear Pci Vulnerability Scans Web2Cybera Inc
 
Sy0 401-q&a-demo-cert magic
Sy0 401-q&a-demo-cert magicSy0 401-q&a-demo-cert magic
Sy0 401-q&a-demo-cert magicjenie Emmons
 
Secure Code Warrior - Trust no input
Secure Code Warrior - Trust no inputSecure Code Warrior - Trust no input
Secure Code Warrior - Trust no inputSecure Code Warrior
 
Adapting Levels of Assurance for NSTIC
Adapting Levels of Assurance for NSTICAdapting Levels of Assurance for NSTIC
Adapting Levels of Assurance for NSTICJim Fenton
 
Web applications security conference slides
Web applications security conference slidesWeb applications security conference slides
Web applications security conference slidesBassam Al-Khatib
 
[OPD 2019] Inter-application vulnerabilities
[OPD 2019] Inter-application vulnerabilities[OPD 2019] Inter-application vulnerabilities
[OPD 2019] Inter-application vulnerabilitiesOWASP
 

Recommended

Iasi code camp 12 october 2013 ana tudosa - challenges in implementing and ...
Iasi code camp 12 october 2013 ana tudosa - challenges in implementing and ...Iasi code camp 12 october 2013 ana tudosa - challenges in implementing and ...
Iasi code camp 12 october 2013 ana tudosa - challenges in implementing and ...Codecamp Romania
 
End-to-End Identity Management
End-to-End Identity ManagementEnd-to-End Identity Management
End-to-End Identity ManagementWSO2
 
Clear Pci Vulnerability Scans Web2
Clear Pci Vulnerability Scans Web2Clear Pci Vulnerability Scans Web2
Clear Pci Vulnerability Scans Web2Cybera Inc
 
Sy0 401-q&a-demo-cert magic
Sy0 401-q&a-demo-cert magicSy0 401-q&a-demo-cert magic
Sy0 401-q&a-demo-cert magicjenie Emmons
 
Secure Code Warrior - Trust no input
Secure Code Warrior - Trust no inputSecure Code Warrior - Trust no input
Secure Code Warrior - Trust no inputSecure Code Warrior
 
Adapting Levels of Assurance for NSTIC
Adapting Levels of Assurance for NSTICAdapting Levels of Assurance for NSTIC
Adapting Levels of Assurance for NSTICJim Fenton
 
Web applications security conference slides
Web applications security conference slidesWeb applications security conference slides
Web applications security conference slidesBassam Al-Khatib
 
[OPD 2019] Inter-application vulnerabilities
[OPD 2019] Inter-application vulnerabilities[OPD 2019] Inter-application vulnerabilities
[OPD 2019] Inter-application vulnerabilitiesOWASP
 
Security Testing: What Testers Can Do
Security Testing: What Testers Can DoSecurity Testing: What Testers Can Do
Security Testing: What Testers Can DoTechWell
 
Pki (2nd e transactions forum) v 1.0
Pki (2nd e transactions forum) v 1.0Pki (2nd e transactions forum) v 1.0
Pki (2nd e transactions forum) v 1.0Aladdin Dandis
 
Building trust attributes in e transactions (final) ver 3.0
Building trust attributes in e transactions (final) ver 3.0Building trust attributes in e transactions (final) ver 3.0
Building trust attributes in e transactions (final) ver 3.0Aladdin Dandis
 
Webinar hiware
Webinar hiwareWebinar hiware
Webinar hiwareSeokminyoon4
 
Seguridad en información digital Carlos Galeano EMC2 Regional Storage Specialist
Seguridad en información digital Carlos Galeano EMC2 Regional Storage SpecialistSeguridad en información digital Carlos Galeano EMC2 Regional Storage Specialist
Seguridad en información digital Carlos Galeano EMC2 Regional Storage SpecialistMinisterio TIC Colombia
 
Protecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data BreachProtecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data BreachCA Technologies
 
Con8817 api management - enable your infrastructure for secure mobile and c...
Con8817 api management - enable your infrastructure for secure mobile and c...Con8817 api management - enable your infrastructure for secure mobile and c...
Con8817 api management - enable your infrastructure for secure mobile and c...OracleIDM
 
Con8823 access management for the internet of things-final
Con8823 access management for the internet of things-finalCon8823 access management for the internet of things-final
Con8823 access management for the internet of things-finalOracleIDM
 
Securing The Cloud
Securing The CloudSecuring The Cloud
Securing The Cloudgeorge.james
 
CIS 2015 Extreme OpenID Connect - John Bradley
CIS 2015 Extreme OpenID Connect - John BradleyCIS 2015 Extreme OpenID Connect - John Bradley
CIS 2015 Extreme OpenID Connect - John BradleyCloudIDSummit
 
312 50-demo
312 50-demo312 50-demo
312 50-demoTomas Vileikis
 
4 Cyber Security KPIs
4 Cyber Security KPIs4 Cyber Security KPIs
4 Cyber Security KPIsSteven Aiello
 
2017 Cyber Risk Grades by Industry: Normshield Executive Presentation
2017 Cyber Risk Grades by Industry: Normshield Executive Presentation2017 Cyber Risk Grades by Industry: Normshield Executive Presentation
2017 Cyber Risk Grades by Industry: Normshield Executive PresentationNormShield, Inc.
 
Anil saldhana oasisid_cloud
Anil saldhana oasisid_cloudAnil saldhana oasisid_cloud
Anil saldhana oasisid_cloudAnil Saldanha
 
CIS13: Identity at Scale
CIS13: Identity at ScaleCIS13: Identity at Scale
CIS13: Identity at ScaleCloudIDSummit
 
Securing The Reality of Multiple Cloud Apps: Pandora's Story
Securing The Reality of Multiple Cloud Apps: Pandora's StorySecuring The Reality of Multiple Cloud Apps: Pandora's Story
Securing The Reality of Multiple Cloud Apps: Pandora's StoryCloudLock
 
Online Authentication
Online AuthenticationOnline Authentication
Online AuthenticationMarc-Andre Heroux
 
Riskfactorypcitheessentials 151125164111-lva1-app6892
Riskfactorypcitheessentials 151125164111-lva1-app6892Riskfactorypcitheessentials 151125164111-lva1-app6892
Riskfactorypcitheessentials 151125164111-lva1-app6892Risk Crew
 
Modern Architectures
Modern ArchitecturesModern Architectures
Modern ArchitecturesSecureAuth
 
CA Security - Deloitte IAM Summit - Vasu
CA Security - Deloitte IAM Summit - VasuCA Security - Deloitte IAM Summit - Vasu
CA Security - Deloitte IAM Summit - VasuVasu Surabhi
 
The role of big data, artificial intelligence and machine learning in cyber i...
The role of big data, artificial intelligence and machine learning in cyber i...The role of big data, artificial intelligence and machine learning in cyber i...
The role of big data, artificial intelligence and machine learning in cyber i...Aladdin Dandis
 
Guardians of the future what should we do to secure future cyberspace
Guardians of the future what should we do to secure future cyberspace Guardians of the future what should we do to secure future cyberspace
Guardians of the future what should we do to secure future cyberspace Aladdin Dandis
 

More Related Content

Similar to Sice2011 cdam by aladdin dandis (final)

Security Testing: What Testers Can Do
Security Testing: What Testers Can DoSecurity Testing: What Testers Can Do
Security Testing: What Testers Can DoTechWell
 
Pki (2nd e transactions forum) v 1.0
Pki (2nd e transactions forum) v 1.0Pki (2nd e transactions forum) v 1.0
Pki (2nd e transactions forum) v 1.0Aladdin Dandis
 
Building trust attributes in e transactions (final) ver 3.0
Building trust attributes in e transactions (final) ver 3.0Building trust attributes in e transactions (final) ver 3.0
Building trust attributes in e transactions (final) ver 3.0Aladdin Dandis
 
Seguridad en información digital Carlos Galeano EMC2 Regional Storage Specialist
Seguridad en información digital Carlos Galeano EMC2 Regional Storage SpecialistSeguridad en información digital Carlos Galeano EMC2 Regional Storage Specialist
Seguridad en información digital Carlos Galeano EMC2 Regional Storage SpecialistMinisterio TIC Colombia
 
Protecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data BreachProtecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data BreachCA Technologies
 
Con8817 api management - enable your infrastructure for secure mobile and c...
Con8817 api management - enable your infrastructure for secure mobile and c...Con8817 api management - enable your infrastructure for secure mobile and c...
Con8817 api management - enable your infrastructure for secure mobile and c...OracleIDM
 
Con8823 access management for the internet of things-final
Con8823 access management for the internet of things-finalCon8823 access management for the internet of things-final
Con8823 access management for the internet of things-finalOracleIDM
 
Securing The Cloud
Securing The CloudSecuring The Cloud
Securing The Cloudgeorge.james
 
CIS 2015 Extreme OpenID Connect - John Bradley
CIS 2015 Extreme OpenID Connect - John BradleyCIS 2015 Extreme OpenID Connect - John Bradley
CIS 2015 Extreme OpenID Connect - John BradleyCloudIDSummit
 
4 Cyber Security KPIs
4 Cyber Security KPIs4 Cyber Security KPIs
4 Cyber Security KPIsSteven Aiello
 
2017 Cyber Risk Grades by Industry: Normshield Executive Presentation
2017 Cyber Risk Grades by Industry: Normshield Executive Presentation2017 Cyber Risk Grades by Industry: Normshield Executive Presentation
2017 Cyber Risk Grades by Industry: Normshield Executive PresentationNormShield, Inc.
 
Anil saldhana oasisid_cloud
Anil saldhana oasisid_cloudAnil saldhana oasisid_cloud
Anil saldhana oasisid_cloudAnil Saldanha
 
CIS13: Identity at Scale
CIS13: Identity at ScaleCIS13: Identity at Scale
CIS13: Identity at ScaleCloudIDSummit
 
Securing The Reality of Multiple Cloud Apps: Pandora's Story
Securing The Reality of Multiple Cloud Apps: Pandora's StorySecuring The Reality of Multiple Cloud Apps: Pandora's Story
Securing The Reality of Multiple Cloud Apps: Pandora's StoryCloudLock
 
Riskfactorypcitheessentials 151125164111-lva1-app6892
Riskfactorypcitheessentials 151125164111-lva1-app6892Riskfactorypcitheessentials 151125164111-lva1-app6892
Riskfactorypcitheessentials 151125164111-lva1-app6892Risk Crew
 
Modern Architectures
Modern ArchitecturesModern Architectures
Modern ArchitecturesSecureAuth
 
CA Security - Deloitte IAM Summit - Vasu
CA Security - Deloitte IAM Summit - VasuCA Security - Deloitte IAM Summit - Vasu
CA Security - Deloitte IAM Summit - VasuVasu Surabhi
 

Similar to Sice2011 cdam by aladdin dandis (final) (20)

Security Testing: What Testers Can Do
Security Testing: What Testers Can DoSecurity Testing: What Testers Can Do
Security Testing: What Testers Can Do
 
Pki (2nd e transactions forum) v 1.0
Pki (2nd e transactions forum) v 1.0Pki (2nd e transactions forum) v 1.0
Pki (2nd e transactions forum) v 1.0
 
Building trust attributes in e transactions (final) ver 3.0
Building trust attributes in e transactions (final) ver 3.0Building trust attributes in e transactions (final) ver 3.0
Building trust attributes in e transactions (final) ver 3.0
 
Webinar hiware
Webinar hiwareWebinar hiware
Webinar hiware
 
Seguridad en información digital Carlos Galeano EMC2 Regional Storage Specialist
Seguridad en información digital Carlos Galeano EMC2 Regional Storage SpecialistSeguridad en información digital Carlos Galeano EMC2 Regional Storage Specialist
Seguridad en información digital Carlos Galeano EMC2 Regional Storage Specialist
 
Protecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data BreachProtecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data Breach
 
Con8817 api management - enable your infrastructure for secure mobile and c...
Con8817 api management - enable your infrastructure for secure mobile and c...Con8817 api management - enable your infrastructure for secure mobile and c...
Con8817 api management - enable your infrastructure for secure mobile and c...
 
Con8823 access management for the internet of things-final
Con8823 access management for the internet of things-finalCon8823 access management for the internet of things-final
Con8823 access management for the internet of things-final
 
Securing The Cloud
Securing The CloudSecuring The Cloud
Securing The Cloud
 
CIS 2015 Extreme OpenID Connect - John Bradley
CIS 2015 Extreme OpenID Connect - John BradleyCIS 2015 Extreme OpenID Connect - John Bradley
CIS 2015 Extreme OpenID Connect - John Bradley
 
312 50-demo
312 50-demo312 50-demo
312 50-demo
 
4 Cyber Security KPIs
4 Cyber Security KPIs4 Cyber Security KPIs
4 Cyber Security KPIs
 
2017 Cyber Risk Grades by Industry: Normshield Executive Presentation
2017 Cyber Risk Grades by Industry: Normshield Executive Presentation2017 Cyber Risk Grades by Industry: Normshield Executive Presentation
2017 Cyber Risk Grades by Industry: Normshield Executive Presentation
 
Anil saldhana oasisid_cloud
Anil saldhana oasisid_cloudAnil saldhana oasisid_cloud
Anil saldhana oasisid_cloud
 
CIS13: Identity at Scale
CIS13: Identity at ScaleCIS13: Identity at Scale
CIS13: Identity at Scale
 
Securing The Reality of Multiple Cloud Apps: Pandora's Story
Securing The Reality of Multiple Cloud Apps: Pandora's StorySecuring The Reality of Multiple Cloud Apps: Pandora's Story
Securing The Reality of Multiple Cloud Apps: Pandora's Story
 
Online Authentication
Online AuthenticationOnline Authentication
Online Authentication
 
Riskfactorypcitheessentials 151125164111-lva1-app6892
Riskfactorypcitheessentials 151125164111-lva1-app6892Riskfactorypcitheessentials 151125164111-lva1-app6892
Riskfactorypcitheessentials 151125164111-lva1-app6892
 
Modern Architectures
Modern ArchitecturesModern Architectures
Modern Architectures
 
CA Security - Deloitte IAM Summit - Vasu
CA Security - Deloitte IAM Summit - VasuCA Security - Deloitte IAM Summit - Vasu
CA Security - Deloitte IAM Summit - Vasu
 

More from Aladdin Dandis

The role of big data, artificial intelligence and machine learning in cyber i...
The role of big data, artificial intelligence and machine learning in cyber i...The role of big data, artificial intelligence and machine learning in cyber i...
The role of big data, artificial intelligence and machine learning in cyber i...Aladdin Dandis
 
Guardians of the future what should we do to secure future cyberspace
Guardians of the future what should we do to secure future cyberspace Guardians of the future what should we do to secure future cyberspace
Guardians of the future what should we do to secure future cyberspace Aladdin Dandis
 
How to secure your business on the cloud? practical approach from strategy to...
How to secure your business on the cloud? practical approach from strategy to...How to secure your business on the cloud? practical approach from strategy to...
How to secure your business on the cloud? practical approach from strategy to...Aladdin Dandis
 
What is still missed for security real life facts
What is still missed for security real life factsWhat is still missed for security real life facts
What is still missed for security real life factsAladdin Dandis
 
A practical approach to secure your business on the cloud using aws from str...
A practical approach to secure your business on the cloud using aws from str...A practical approach to secure your business on the cloud using aws from str...
A practical approach to secure your business on the cloud using aws from str...Aladdin Dandis
 
Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014Aladdin Dandis
 
The importance of information systems security amid risks posed by accelerate...
The importance of information systems security amid risks posed by accelerate...The importance of information systems security amid risks posed by accelerate...
The importance of information systems security amid risks posed by accelerate...Aladdin Dandis
 
Module 2 information security risk management student slides ver 1.0
Module 2 information security risk management student slides ver 1.0Module 2 information security risk management student slides ver 1.0
Module 2 information security risk management student slides ver 1.0Aladdin Dandis
 
Module 3 business continuity student slides ver 1.0
Module 3 business continuity student slides ver 1.0Module 3 business continuity student slides ver 1.0
Module 3 business continuity student slides ver 1.0Aladdin Dandis
 
Module 1 bc and dr fundamentals student slides ver 1.0
Module 1 bc and dr fundamentals student slides ver 1.0Module 1 bc and dr fundamentals student slides ver 1.0
Module 1 bc and dr fundamentals student slides ver 1.0Aladdin Dandis
 
Module 4 disaster recovery student slides ver 1.0
Module 4 disaster recovery student slides ver 1.0Module 4 disaster recovery student slides ver 1.0
Module 4 disaster recovery student slides ver 1.0Aladdin Dandis
 
Assessing a cloud based approach to cyber security
Assessing a cloud based approach to cyber securityAssessing a cloud based approach to cyber security
Assessing a cloud based approach to cyber securityAladdin Dandis
 

More from Aladdin Dandis (20)

The role of big data, artificial intelligence and machine learning in cyber i...
The role of big data, artificial intelligence and machine learning in cyber i...The role of big data, artificial intelligence and machine learning in cyber i...
The role of big data, artificial intelligence and machine learning in cyber i...
 
Guardians of the future what should we do to secure future cyberspace
Guardians of the future what should we do to secure future cyberspace Guardians of the future what should we do to secure future cyberspace
Guardians of the future what should we do to secure future cyberspace
 
How to secure your business on the cloud? practical approach from strategy to...
How to secure your business on the cloud? practical approach from strategy to...How to secure your business on the cloud? practical approach from strategy to...
How to secure your business on the cloud? practical approach from strategy to...
 
What is still missed for security real life facts
What is still missed for security real life factsWhat is still missed for security real life facts
What is still missed for security real life facts
 
A practical approach to secure your business on the cloud using aws from str...
A practical approach to secure your business on the cloud using aws from str...A practical approach to secure your business on the cloud using aws from str...
A practical approach to secure your business on the cloud using aws from str...
 
Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014
 
The importance of information systems security amid risks posed by accelerate...
The importance of information systems security amid risks posed by accelerate...The importance of information systems security amid risks posed by accelerate...
The importance of information systems security amid risks posed by accelerate...
 
Ch4 cism 2014
Ch4 cism 2014Ch4 cism 2014
Ch4 cism 2014
 
Ch3 cism 2014
Ch3 cism 2014Ch3 cism 2014
Ch3 cism 2014
 
Ch2 cism 2014
Ch2 cism 2014Ch2 cism 2014
Ch2 cism 2014
 
Module 2 information security risk management student slides ver 1.0
Module 2 information security risk management student slides ver 1.0Module 2 information security risk management student slides ver 1.0
Module 2 information security risk management student slides ver 1.0
 
Module 3 business continuity student slides ver 1.0
Module 3 business continuity student slides ver 1.0Module 3 business continuity student slides ver 1.0
Module 3 business continuity student slides ver 1.0
 
Module 1 bc and dr fundamentals student slides ver 1.0
Module 1 bc and dr fundamentals student slides ver 1.0Module 1 bc and dr fundamentals student slides ver 1.0
Module 1 bc and dr fundamentals student slides ver 1.0
 
Module 4 disaster recovery student slides ver 1.0
Module 4 disaster recovery student slides ver 1.0Module 4 disaster recovery student slides ver 1.0
Module 4 disaster recovery student slides ver 1.0
 
Assessing a cloud based approach to cyber security
Assessing a cloud based approach to cyber securityAssessing a cloud based approach to cyber security
Assessing a cloud based approach to cyber security
 
Cisa 2013 ch3
Cisa 2013 ch3Cisa 2013 ch3
Cisa 2013 ch3
 
Cisa 2013 ch2
Cisa 2013 ch2Cisa 2013 ch2
Cisa 2013 ch2
 
Cisa 2013 ch4
Cisa 2013 ch4Cisa 2013 ch4
Cisa 2013 ch4
 
Cisa 2013 ch5
Cisa 2013 ch5Cisa 2013 ch5
Cisa 2013 ch5
 
Cisa 2013 ch0
Cisa 2013 ch0Cisa 2013 ch0
Cisa 2013 ch0
 

Recently uploaded

Mohammad_Alnahdi_Oral_Presentation_Assignment.pptx
Mohammad_Alnahdi_Oral_Presentation_Assignment.pptxMohammad_Alnahdi_Oral_Presentation_Assignment.pptx
Mohammad_Alnahdi_Oral_Presentation_Assignment.pptxmohammadalnahdi22
 
Philippine History cavite Mutiny Report.ppt
Philippine History cavite Mutiny Report.pptPhilippine History cavite Mutiny Report.ppt
Philippine History cavite Mutiny Report.pptssuser319dad
 
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...Pooja Nehwal
 
George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024eCommerce Institute
 
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779Delhi Call girls
 
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...NETWAYS
 
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night EnjoyCall Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night EnjoyPooja Nehwal
 
Microsoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AIMicrosoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AITatiana Gurgel
 
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝soniya singh
 
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...Salam Al-Karadaghi
 
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...NETWAYS
 
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...Sheetaleventcompany
 
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...Krijn Poppe
 
Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...
Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...
Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...NETWAYS
 
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024eCommerce Institute
 
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...NETWAYS
 
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...NETWAYS
 
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...Hasting Chen
 
ANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docxANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docxNikitaBankoti2
 
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...Kayode Fayemi
 

Recently uploaded (20)

Mohammad_Alnahdi_Oral_Presentation_Assignment.pptx
Mohammad_Alnahdi_Oral_Presentation_Assignment.pptxMohammad_Alnahdi_Oral_Presentation_Assignment.pptx
Mohammad_Alnahdi_Oral_Presentation_Assignment.pptx
 
Philippine History cavite Mutiny Report.ppt
Philippine History cavite Mutiny Report.pptPhilippine History cavite Mutiny Report.ppt
Philippine History cavite Mutiny Report.ppt
 
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
 
George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024
 
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
 
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
 
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night EnjoyCall Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
 
Microsoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AIMicrosoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AI
 
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
 
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
 
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
 
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
 
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
 
Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...
Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...
Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...
 
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
 
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...
 
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
 
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
 
ANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docxANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docx
 
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
 

Sice2011 cdam by aladdin dandis (final)

  • 1. Concurrent Distributed Authentication Model (CDAM) Aladdin T. Dandis Information Security Compliance Officer Jordan eGovernment Program / MoICT 1Aladdin T. Dandis / SICE2011 - Algeria
  • 2. Agenda  Introduction  CDAM Ver. 1.0  Pros and Cons  CDAM Ver. 2.0  Pros and Cons  Conclusions 2Aladdin T. Dandis / SICE2011 - Algeria
  • 3. Introduction  This project was originally concerned about applying security and privacy considerations in school systems.  The system is a web-database application.  The target client was a private school in Amman.  Problem  the old system lacks security and privacy considerations. 3Aladdin T. Dandis / SICE2011 - Algeria
  • 4. Security  A number of processes and technologies applied to prevent unauthorized parties from accessing sensitive resources Privacy  The human right to control and manage data about himself, without being monitored by other parties 4 Security Vs Privacy Aladdin T. Dandis / SICE2011 - Algeria
  • 5. CDAM Ver. 1.0 5Aladdin T. Dandis / SICE2011 - Algeria
  • 6. Overview  What?  Concurrent Distributed Authentication Model  Why?  To authenticate online users.  How?  The username and password will be checked in many separate authentication database servers rather than one. 6Aladdin T. Dandis / SICE2011 - Algeria
  • 7. Architecture 7Aladdin T. Dandis / SICE2011 - Algeria S1 Sender Unit Logging Unit Comparison Unit S2 S3 User Legitimate Login False Login to 'Honey Pot' Authentication Servers Farm The Object System False System
  • 8. Characteristics  Authentication model  Built-in Authorization  Authentication token is used:  Token  Role + Real User Name = Role User Name  Example  Student + Ahmad.d = SAhmad.d 8Aladdin T. Dandis / SICE2011 - Algeria
  • 9. Authentication & Authorization Algorithms 9Aladdin T. Dandis / SICE2011 - Algeria Enter UserName, Password and Role Check for the requested object Extract Role from the Token Check ACLs for the Role Authorize User Deny user and direct to HoneyPot Authorization Module Calculate the Hash Take the first 5 characters of the hash Take integer values for username and password and Role Check the 5 characters hash Server 1 Server 2 Server 3 Authentication Server Farm ASF Authentication Module Y Y Y N N
  • 10. Pros  Compromising one authentication server will not affect authentication  Using Hashing  Light authentication Cons  Repeated Cipher patterns  No proof of origin  Denial of service  Vulnerable to sniffers  Homemade hashing algorithm 10 Pros and Cons Aladdin T. Dandis / SICE2011 - Algeria
  • 11. CDAM Ver. 2.0 11Aladdin T. Dandis / SICE2011 - Algeria
  • 12. Overview  Overcome Cons in CDAM Ver. 1.0  Still under coding and testing  Scalable for web applications  Multiple open standard and strong encryption algorithms  M:N authentication acceptance 12Aladdin T. Dandis / SICE2011 - Algeria
  • 13. Architecture 13Aladdin T. Dandis / SICE2011 - Algeria S1 Sender Unit Logging Unit Comparison Unit S2 S3 User Legitimate Login False Login to 'Honey Pot' Authentication Servers Farm The Object System False System
  • 14. Architecture 14Aladdin T. Dandis / SICE2011 - Algeria S1 Sender Unit Logging Unit Comparison Unit S2 S3 User Legitimate Login False Login to 'Honey Pot' Authentication Servers Farm The Object System False System
  • 15. Architecture 15Aladdin T. Dandis / SICE2011 - Algeria S1 Sender Unit Logging Unit Comparison Unit S2 S3 User Legitimate Login False Login to 'Honey Pot' Authentication Servers Farm The Object System False System Hashing Algorithm 1 Hashing Algorithm 2 Hashing Algorithm 3
  • 16. Pros  Compromising one authentication server will not affect authentication  Using Hashing  Light authentication Cons  Repeated Cipher patterns  No proof of origin  Denial of service  Vulnerable to sniffers  Homemade hashing algorithm 16 Evaluation Remedy  Full cipher is written  SSL Certificate  M:N  Encrypted channels  Open standard hashing algorithms Aladdin T. Dandis / SICE2011 - Algeria
  • 17. Future Work  Integration with OTP  Integration with Smart Card Systems 17Aladdin T. Dandis / SICE2011 - Algeria
  • 18. Thank You aladdin.d@moict.gov.jo 18Aladdin T. Dandis / SICE2011 - Algeria