SlideShare a Scribd company logo
1 of 18
Download to read offline
All Rights Reserved | FIDO Alliance | Copyright 20171
NEOWAVE + TRUSTELEM
PROTECTING IDAAS*
(WEB/CLOUD SSO*)
WITH FIDO U2F
* IDAAS: IDENTITY AS A SERVICE
SSO: SINGLE SIGN ON
All Rights Reserved | FIDO Alliance | Copyright 20172
Deployment Case Study: Trustelem & Neowave
Protecting IDAAS with FIDO U2F
Gregory Haïk, CEO, Trustelem
Frederic Martin, Security Architect, NEOWAVE
All Rights Reserved | FIDO Alliance | Copyright 20173
FIDO U2F TO PROTECT IDENTITY AS A SERVICE
All Rights Reserved | FIDO Alliance | Copyright 20174
NEOWAVE: SMART CARD BASED SECURITY
PRODUCTS
NEOWAVE mission is to address these issues through strong authentication, encryption and digital
signatures based on secure smart card based products.
Identity theft (phishing), fraud, data theft and cyber attacks are on the rise
All Rights Reserved | FIDO Alliance | Copyright 20175
EASY PHISHING ATTACKS AGAINST
SMS CODES
User Real website
username
password
SMS
username
password
SMS
Send SMS3
1
4 5
2
Fake website
or MITM attack
All Rights Reserved | FIDO Alliance | Copyright 20176
EASY PHISHING ATTACKS AGAINST
OTP / TOTP
username
password
OTP
username
password
OTP
OTP generator2
1
3 5
4
User Real websiteFake website
or MITM attack
All Rights Reserved | FIDO Alliance | Copyright 20177
EASY PHISHING ATTACKS AGAINST
SCANNED QR CODE VALIDATION
User Real websiteFake website
or MITM attack
Give access
Read QR Code
2
3
1
Validate (wrong) access4
5
All Rights Reserved | FIDO Alliance | Copyright 20178
FIDO U2F: SIMPLE / SECURE SOLUTION
AGAINST PHISHING ATTACKS
2 – Data to be signed
(challenge, hashed url, etc.)
4 – Signed Data
3 – Digital Signature
(built-in smart card)
6 – Signature
Verification
1 – Data to be signed
(challenge, hashed url, etc.)
5 – Signed Data
SSL Token Binding
MITM protection
All Rights Reserved | FIDO Alliance | Copyright 20179
FIDO U2F USB SECURITY KEY
PLUG KEYDO
SECURITY KEY IN
ENTER USERNAME
& PASSWORD
THAT’S IT
All Rights Reserved | FIDO Alliance | Copyright 201710
FIDO U2F NFC CARD
APPROACH
BADGEO NFC CARD
THAT’S IT
ENTER USERNAME
& PASSWORD
All Rights Reserved | FIDO Alliance | Copyright 201711
TRUSTELEM: IDENTITY AS A SERVICE
Company
Corporate applications
Trustelem enables your IT users to go from
one application to another, without the need to
re-authenticate.
Trustelem manages digital identities of your
IT users (IDaaS - Identity-as-a-Service Cloud
Single Sign-On, SSO).
All Rights Reserved | FIDO Alliance | Copyright 201712
FIDO U2F ADVANTAGES FOR WEB SSO LOGON
• No driver installation requirement
• Web browser built-in support
• Multi-platform / multi-channel protocol
• High security level (built-in smart card)
• Ultimate solution against identity theft
All Rights Reserved | FIDO Alliance | Copyright 201713
SIMPLE /SECURE WEB SSO LOGON
Password then
FIDO U2F
All Rights Reserved | FIDO Alliance | Copyright 201714
ALL-IN-ONE USER DASHBOARDS ACCESS
PROTECTION
Now you don’t have to
wait for Microsoft to
integrate FIDO U2F
authentication :)
All Rights Reserved | FIDO Alliance | Copyright 201715
APPLICATIONS ACCESS
e.g. facebook workplace
All Rights Reserved | FIDO Alliance | Copyright 201716
ADMIN CONSOLE
Setup directories, users,
apps, permissions…
Logs, deployment audit
All Rights Reserved | FIDO Alliance | Copyright 201717
MORE FIDO U2F ADVANTAGES
• FIDO U2F devices are anonymous (no user
information, just anonymous keys, association
is done on the server side)
• FIDO U2F devices can be filtered, web
services can be locked only for our own
customized devices (attestation certificate)
All Rights Reserved | FIDO Alliance | Copyright 201718
CONCLUSION
• FIDO U2F strongly recommended
for Web SSO users and/or administrators
• Secure but easy to use and deploy

More Related Content

What's hot

What's hot (20)

Google Case Sudy: Becoming Unphishable: Towards Simpler, Stronger Authenticaton
Google Case Sudy: Becoming Unphishable: Towards Simpler, Stronger AuthenticatonGoogle Case Sudy: Becoming Unphishable: Towards Simpler, Stronger Authenticaton
Google Case Sudy: Becoming Unphishable: Towards Simpler, Stronger Authenticaton
 
FIDO Masterclass
FIDO MasterclassFIDO Masterclass
FIDO Masterclass
 
Microsoft's Path to Passwordless - FIDO Authentication for Windows & Azure Ac...
Microsoft's Path to Passwordless - FIDO Authentication for Windows & Azure Ac...Microsoft's Path to Passwordless - FIDO Authentication for Windows & Azure Ac...
Microsoft's Path to Passwordless - FIDO Authentication for Windows & Azure Ac...
 
Introduction to FIDO Authentication
Introduction to FIDO AuthenticationIntroduction to FIDO Authentication
Introduction to FIDO Authentication
 
Deployment Case Study: Login.gov & FIDO2
Deployment Case Study: Login.gov & FIDO2Deployment Case Study: Login.gov & FIDO2
Deployment Case Study: Login.gov & FIDO2
 
FIDO® for Government & Enterprise - Presentation
FIDO® for Government & Enterprise - PresentationFIDO® for Government & Enterprise - Presentation
FIDO® for Government & Enterprise - Presentation
 
Google Case Study: Becoming Unphishable
Google Case Study: Becoming UnphishableGoogle Case Study: Becoming Unphishable
Google Case Study: Becoming Unphishable
 
Integrating FIDO & Federation Protocols
Integrating FIDO & Federation ProtocolsIntegrating FIDO & Federation Protocols
Integrating FIDO & Federation Protocols
 
FIDO Authentication and GSMA Mobile Connect
FIDO Authentication and GSMA Mobile ConnectFIDO Authentication and GSMA Mobile Connect
FIDO Authentication and GSMA Mobile Connect
 
Google Case Study: Strong Authentication for Employees and Consumers
Google Case Study: Strong Authentication for Employees and ConsumersGoogle Case Study: Strong Authentication for Employees and Consumers
Google Case Study: Strong Authentication for Employees and Consumers
 
Fido Technical Overview
Fido Technical OverviewFido Technical Overview
Fido Technical Overview
 
Google Case Sudy: Becoming Unphishable: Towards Simpler, Stronger Authenticaton
Google Case Sudy: Becoming Unphishable: Towards Simpler, Stronger AuthenticatonGoogle Case Sudy: Becoming Unphishable: Towards Simpler, Stronger Authenticaton
Google Case Sudy: Becoming Unphishable: Towards Simpler, Stronger Authenticaton
 
Authentication and ID Proofing in Education
Authentication and ID Proofing in EducationAuthentication and ID Proofing in Education
Authentication and ID Proofing in Education
 
FIDO and Mobile Connect
FIDO and Mobile ConnectFIDO and Mobile Connect
FIDO and Mobile Connect
 
FIDO Alliance Vision and Status
FIDO Alliance Vision and StatusFIDO Alliance Vision and Status
FIDO Alliance Vision and Status
 
Fido China Working Group (FCWG)
Fido China Working Group (FCWG)Fido China Working Group (FCWG)
Fido China Working Group (FCWG)
 
FIDO Specifications Overview
FIDO Specifications OverviewFIDO Specifications Overview
FIDO Specifications Overview
 
FIDO Authentication: Unphishable MFA for All
FIDO Authentication: Unphishable MFA for AllFIDO Authentication: Unphishable MFA for All
FIDO Authentication: Unphishable MFA for All
 
Introduction to the FIDO Alliance: Vision & Status
Introduction to the FIDO Alliance: Vision & StatusIntroduction to the FIDO Alliance: Vision & Status
Introduction to the FIDO Alliance: Vision & Status
 
Modern Authentication for a Connected World
Modern Authentication for a Connected WorldModern Authentication for a Connected World
Modern Authentication for a Connected World
 

Viewers also liked

Viewers also liked (12)

Introduction to FIDO Alliance
Introduction to FIDO AllianceIntroduction to FIDO Alliance
Introduction to FIDO Alliance
 
FIDO Authentication for Multifactor Payments
FIDO Authentication for Multifactor PaymentsFIDO Authentication for Multifactor Payments
FIDO Authentication for Multifactor Payments
 
NIST 800-63 Guidance & FIDO Authentication
NIST 800-63 Guidance & FIDO AuthenticationNIST 800-63 Guidance & FIDO Authentication
NIST 800-63 Guidance & FIDO Authentication
 
FIDO Authentication & Blockchain
FIDO Authentication & BlockchainFIDO Authentication & Blockchain
FIDO Authentication & Blockchain
 
FIDO Certified Program: Status & Futures
FIDO Certified Program: Status & FuturesFIDO Certified Program: Status & Futures
FIDO Certified Program: Status & Futures
 
FIDO Authentication Opportunities in Healthcare
FIDO Authentication Opportunities in HealthcareFIDO Authentication Opportunities in Healthcare
FIDO Authentication Opportunities in Healthcare
 
Strong Authentication and US Federal Digital Services
Strong Authentication and US Federal Digital ServicesStrong Authentication and US Federal Digital Services
Strong Authentication and US Federal Digital Services
 
FIDO Technical Specifications Overview
FIDO Technical Specifications OverviewFIDO Technical Specifications Overview
FIDO Technical Specifications Overview
 
Getting to Know the FIDO Specifications - Technical Tutorial
Getting to Know the FIDO Specifications - Technical TutorialGetting to Know the FIDO Specifications - Technical Tutorial
Getting to Know the FIDO Specifications - Technical Tutorial
 
Javelin Research 2017 State of Authentication Report
Javelin Research 2017 State of Authentication ReportJavelin Research 2017 State of Authentication Report
Javelin Research 2017 State of Authentication Report
 
FIDO, Federation & Facebook Social Login
FIDO, Federation & Facebook Social LoginFIDO, Federation & Facebook Social Login
FIDO, Federation & Facebook Social Login
 
FIDO - The Value of Membership
FIDO -  The Value of Membership FIDO -  The Value of Membership
FIDO - The Value of Membership
 

Similar to Protecting IDAAS with FIDO Authentication

Similar to Protecting IDAAS with FIDO Authentication (20)

Introduction to the FIDO Alliance
Introduction to the FIDO AllianceIntroduction to the FIDO Alliance
Introduction to the FIDO Alliance
 
The Future of Authentication for IoT
The Future of Authentication for IoTThe Future of Authentication for IoT
The Future of Authentication for IoT
 
“Your Security, More Simple.” by utilizing FIDO Authentication
“Your Security, More Simple.” by utilizing FIDO Authentication“Your Security, More Simple.” by utilizing FIDO Authentication
“Your Security, More Simple.” by utilizing FIDO Authentication
 
Tokyo Seminar: FIDO Alliance Vision and Status
Tokyo Seminar: FIDO Alliance Vision and StatusTokyo Seminar: FIDO Alliance Vision and Status
Tokyo Seminar: FIDO Alliance Vision and Status
 
FIDO Authentication Technical Overview
FIDO Authentication Technical OverviewFIDO Authentication Technical Overview
FIDO Authentication Technical Overview
 
FIDO Authentication Technical Overview
FIDO Authentication Technical OverviewFIDO Authentication Technical Overview
FIDO Authentication Technical Overview
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Beyond Passwords: FIDO and the Future of User Authentication
Beyond Passwords: FIDO and the Future of User AuthenticationBeyond Passwords: FIDO and the Future of User Authentication
Beyond Passwords: FIDO and the Future of User Authentication
 
Beyond Passwords: FIDO & the Future of Consumer Authentication
Beyond Passwords: FIDO & the Future of Consumer AuthenticationBeyond Passwords: FIDO & the Future of Consumer Authentication
Beyond Passwords: FIDO & the Future of Consumer Authentication
 
Introduction to FIDO Alliance: Vision and Status -Tokyo Seminar -Brett McDowell
Introduction to FIDO Alliance: Vision and Status -Tokyo Seminar -Brett McDowellIntroduction to FIDO Alliance: Vision and Status -Tokyo Seminar -Brett McDowell
Introduction to FIDO Alliance: Vision and Status -Tokyo Seminar -Brett McDowell
 
Technical Principles of FIDO Authentication
Technical Principles of FIDO AuthenticationTechnical Principles of FIDO Authentication
Technical Principles of FIDO Authentication
 
Technical Principles of FIDO Authentication
Technical Principles of FIDO AuthenticationTechnical Principles of FIDO Authentication
Technical Principles of FIDO Authentication
 
Using FIDO Authenticator for IoT Devices
Using FIDO Authenticator for IoT DevicesUsing FIDO Authenticator for IoT Devices
Using FIDO Authenticator for IoT Devices
 
Intro to Passkeys and the State of Passwordless.pptx
Intro to Passkeys and the State of Passwordless.pptxIntro to Passkeys and the State of Passwordless.pptx
Intro to Passkeys and the State of Passwordless.pptx
 
Introduction to FIDO Biometric Authentication
Introduction to FIDO Biometric AuthenticationIntroduction to FIDO Biometric Authentication
Introduction to FIDO Biometric Authentication
 
Eliminating Passwords with Biometrics for Identity Access Management Webinar
Eliminating Passwords with Biometrics for Identity Access Management WebinarEliminating Passwords with Biometrics for Identity Access Management Webinar
Eliminating Passwords with Biometrics for Identity Access Management Webinar
 
FIDO Alliance Vision and Updates
FIDO Alliance Vision and UpdatesFIDO Alliance Vision and Updates
FIDO Alliance Vision and Updates
 
2018 12-07 tokyo-seminar Brett McDowell
2018 12-07 tokyo-seminar Brett McDowell2018 12-07 tokyo-seminar Brett McDowell
2018 12-07 tokyo-seminar Brett McDowell
 
Authenticate 2021: Welcome Address
Authenticate 2021: Welcome AddressAuthenticate 2021: Welcome Address
Authenticate 2021: Welcome Address
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 

More from FIDO Alliance

Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptxHarnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
FIDO Alliance
 
Hyatt driving innovation and exceptional customer experiences with FIDO passw...
Hyatt driving innovation and exceptional customer experiences with FIDO passw...Hyatt driving innovation and exceptional customer experiences with FIDO passw...
Hyatt driving innovation and exceptional customer experiences with FIDO passw...
FIDO Alliance
 
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider  Progress from Awareness to Implementation.pptxTales from a Passkey Provider  Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
FIDO Alliance
 

More from FIDO Alliance (20)

FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
 
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
 
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdfHow Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
 
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
 
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfWhere to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
 
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfSimplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
 
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdfLinux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
 
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdfThe Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
 
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdfIntroduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
 
ADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptxADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptx
 
Design Guidelines for Passkeys 2024.pptx
Design Guidelines for Passkeys 2024.pptxDesign Guidelines for Passkeys 2024.pptx
Design Guidelines for Passkeys 2024.pptx
 
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptxHarnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
 
Hyatt driving innovation and exceptional customer experiences with FIDO passw...
Hyatt driving innovation and exceptional customer experiences with FIDO passw...Hyatt driving innovation and exceptional customer experiences with FIDO passw...
Hyatt driving innovation and exceptional customer experiences with FIDO passw...
 
Introduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptxIntroduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptx
 
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider  Progress from Awareness to Implementation.pptxTales from a Passkey Provider  Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
 
FIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance: Welcome and FIDO Update.pptxFIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance: Welcome and FIDO Update.pptx
 
IBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptxIBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptx
 
OTIS: Our Journey to Passwordless.pptx
OTIS: Our Journey to Passwordless.pptxOTIS: Our Journey to Passwordless.pptx
OTIS: Our Journey to Passwordless.pptx
 
FIDO Workshop-Demo Breakdown.pptx
FIDO Workshop-Demo Breakdown.pptxFIDO Workshop-Demo Breakdown.pptx
FIDO Workshop-Demo Breakdown.pptx
 

Recently uploaded

audience research (emma) 1.pptxkkkkkkkkkkkkkkkkk
audience research (emma) 1.pptxkkkkkkkkkkkkkkkkkaudience research (emma) 1.pptxkkkkkkkkkkkkkkkkk
audience research (emma) 1.pptxkkkkkkkkkkkkkkkkk
lolsDocherty
 
Production 2024 sunderland culture final - Copy.pptx
Production 2024 sunderland culture final - Copy.pptxProduction 2024 sunderland culture final - Copy.pptx
Production 2024 sunderland culture final - Copy.pptx
ChloeMeadows1
 

Recently uploaded (16)

audience research (emma) 1.pptxkkkkkkkkkkkkkkkkk
audience research (emma) 1.pptxkkkkkkkkkkkkkkkkkaudience research (emma) 1.pptxkkkkkkkkkkkkkkkkk
audience research (emma) 1.pptxkkkkkkkkkkkkkkkkk
 
The Use of AI in Indonesia Election 2024: A Case Study
The Use of AI in Indonesia Election 2024: A Case StudyThe Use of AI in Indonesia Election 2024: A Case Study
The Use of AI in Indonesia Election 2024: A Case Study
 
Thank You Luv I’ll Never Walk Alone Again T shirts
Thank You Luv I’ll Never Walk Alone Again T shirtsThank You Luv I’ll Never Walk Alone Again T shirts
Thank You Luv I’ll Never Walk Alone Again T shirts
 
TORTOGEL TELAH MENJADI SALAH SATU PLATFORM PERMAINAN PALING FAVORIT.
TORTOGEL TELAH MENJADI SALAH SATU PLATFORM PERMAINAN PALING FAVORIT.TORTOGEL TELAH MENJADI SALAH SATU PLATFORM PERMAINAN PALING FAVORIT.
TORTOGEL TELAH MENJADI SALAH SATU PLATFORM PERMAINAN PALING FAVORIT.
 
Pvtaan Social media marketing proposal.pdf
Pvtaan Social media marketing proposal.pdfPvtaan Social media marketing proposal.pdf
Pvtaan Social media marketing proposal.pdf
 
Cyber Security Services Unveiled: Strategies to Secure Your Digital Presence
Cyber Security Services Unveiled: Strategies to Secure Your Digital PresenceCyber Security Services Unveiled: Strategies to Secure Your Digital Presence
Cyber Security Services Unveiled: Strategies to Secure Your Digital Presence
 
Reggie miller choke t shirtsReggie miller choke t shirts
Reggie miller choke t shirtsReggie miller choke t shirtsReggie miller choke t shirtsReggie miller choke t shirts
Reggie miller choke t shirtsReggie miller choke t shirts
 
Statistical Analysis of DNS Latencies.pdf
Statistical Analysis of DNS Latencies.pdfStatistical Analysis of DNS Latencies.pdf
Statistical Analysis of DNS Latencies.pdf
 
I’ll See Y’All Motherfuckers In Game 7 Shirt
I’ll See Y’All Motherfuckers In Game 7 ShirtI’ll See Y’All Motherfuckers In Game 7 Shirt
I’ll See Y’All Motherfuckers In Game 7 Shirt
 
Bug Bounty Blueprint : A Beginner's Guide
Bug Bounty Blueprint : A Beginner's GuideBug Bounty Blueprint : A Beginner's Guide
Bug Bounty Blueprint : A Beginner's Guide
 
Development Lifecycle.pptx for the secure development of apps
Development Lifecycle.pptx for the secure development of appsDevelopment Lifecycle.pptx for the secure development of apps
Development Lifecycle.pptx for the secure development of apps
 
Topology of the Network class 8 .ppt pdf
Topology of the Network class 8 .ppt pdfTopology of the Network class 8 .ppt pdf
Topology of the Network class 8 .ppt pdf
 
Premier Mobile App Development Agency in USA.pdf
Premier Mobile App Development Agency in USA.pdfPremier Mobile App Development Agency in USA.pdf
Premier Mobile App Development Agency in USA.pdf
 
iThome_CYBERSEC2024_Drive_Into_the_DarkWeb
iThome_CYBERSEC2024_Drive_Into_the_DarkWebiThome_CYBERSEC2024_Drive_Into_the_DarkWeb
iThome_CYBERSEC2024_Drive_Into_the_DarkWeb
 
Production 2024 sunderland culture final - Copy.pptx
Production 2024 sunderland culture final - Copy.pptxProduction 2024 sunderland culture final - Copy.pptx
Production 2024 sunderland culture final - Copy.pptx
 
How Do I Begin the Linksys Velop Setup Process?
How Do I Begin the Linksys Velop Setup Process?How Do I Begin the Linksys Velop Setup Process?
How Do I Begin the Linksys Velop Setup Process?
 

Protecting IDAAS with FIDO Authentication

  • 1. All Rights Reserved | FIDO Alliance | Copyright 20171 NEOWAVE + TRUSTELEM PROTECTING IDAAS* (WEB/CLOUD SSO*) WITH FIDO U2F * IDAAS: IDENTITY AS A SERVICE SSO: SINGLE SIGN ON
  • 2. All Rights Reserved | FIDO Alliance | Copyright 20172 Deployment Case Study: Trustelem & Neowave Protecting IDAAS with FIDO U2F Gregory Haïk, CEO, Trustelem Frederic Martin, Security Architect, NEOWAVE
  • 3. All Rights Reserved | FIDO Alliance | Copyright 20173 FIDO U2F TO PROTECT IDENTITY AS A SERVICE
  • 4. All Rights Reserved | FIDO Alliance | Copyright 20174 NEOWAVE: SMART CARD BASED SECURITY PRODUCTS NEOWAVE mission is to address these issues through strong authentication, encryption and digital signatures based on secure smart card based products. Identity theft (phishing), fraud, data theft and cyber attacks are on the rise
  • 5. All Rights Reserved | FIDO Alliance | Copyright 20175 EASY PHISHING ATTACKS AGAINST SMS CODES User Real website username password SMS username password SMS Send SMS3 1 4 5 2 Fake website or MITM attack
  • 6. All Rights Reserved | FIDO Alliance | Copyright 20176 EASY PHISHING ATTACKS AGAINST OTP / TOTP username password OTP username password OTP OTP generator2 1 3 5 4 User Real websiteFake website or MITM attack
  • 7. All Rights Reserved | FIDO Alliance | Copyright 20177 EASY PHISHING ATTACKS AGAINST SCANNED QR CODE VALIDATION User Real websiteFake website or MITM attack Give access Read QR Code 2 3 1 Validate (wrong) access4 5
  • 8. All Rights Reserved | FIDO Alliance | Copyright 20178 FIDO U2F: SIMPLE / SECURE SOLUTION AGAINST PHISHING ATTACKS 2 – Data to be signed (challenge, hashed url, etc.) 4 – Signed Data 3 – Digital Signature (built-in smart card) 6 – Signature Verification 1 – Data to be signed (challenge, hashed url, etc.) 5 – Signed Data SSL Token Binding MITM protection
  • 9. All Rights Reserved | FIDO Alliance | Copyright 20179 FIDO U2F USB SECURITY KEY PLUG KEYDO SECURITY KEY IN ENTER USERNAME & PASSWORD THAT’S IT
  • 10. All Rights Reserved | FIDO Alliance | Copyright 201710 FIDO U2F NFC CARD APPROACH BADGEO NFC CARD THAT’S IT ENTER USERNAME & PASSWORD
  • 11. All Rights Reserved | FIDO Alliance | Copyright 201711 TRUSTELEM: IDENTITY AS A SERVICE Company Corporate applications Trustelem enables your IT users to go from one application to another, without the need to re-authenticate. Trustelem manages digital identities of your IT users (IDaaS - Identity-as-a-Service Cloud Single Sign-On, SSO).
  • 12. All Rights Reserved | FIDO Alliance | Copyright 201712 FIDO U2F ADVANTAGES FOR WEB SSO LOGON • No driver installation requirement • Web browser built-in support • Multi-platform / multi-channel protocol • High security level (built-in smart card) • Ultimate solution against identity theft
  • 13. All Rights Reserved | FIDO Alliance | Copyright 201713 SIMPLE /SECURE WEB SSO LOGON Password then FIDO U2F
  • 14. All Rights Reserved | FIDO Alliance | Copyright 201714 ALL-IN-ONE USER DASHBOARDS ACCESS PROTECTION Now you don’t have to wait for Microsoft to integrate FIDO U2F authentication :)
  • 15. All Rights Reserved | FIDO Alliance | Copyright 201715 APPLICATIONS ACCESS e.g. facebook workplace
  • 16. All Rights Reserved | FIDO Alliance | Copyright 201716 ADMIN CONSOLE Setup directories, users, apps, permissions… Logs, deployment audit
  • 17. All Rights Reserved | FIDO Alliance | Copyright 201717 MORE FIDO U2F ADVANTAGES • FIDO U2F devices are anonymous (no user information, just anonymous keys, association is done on the server side) • FIDO U2F devices can be filtered, web services can be locked only for our own customized devices (attestation certificate)
  • 18. All Rights Reserved | FIDO Alliance | Copyright 201718 CONCLUSION • FIDO U2F strongly recommended for Web SSO users and/or administrators • Secure but easy to use and deploy