[Cluj] A distributed - collaborative client certification system

OWASP EEE

1. A Distributed - Collaborative Client Certification System
(As means to fight cybercriminality)
EEE 2015, Cluj Napoca
Stefan Harsan Farr

2. Our Reality vs. Hyperspace
Our Reality: physical limitations; pressure of consequences; rules of engagement; competitive world
Hyperspace: teleportation; an easy road to criminality; advantage from breaking the rules; utopian environment

3. The nature of the Internet
Victory favors the attacker:
- energy spent planning
- element of surprise
- cloak of invisibility
- teleportation

4. A face in Cyberspace?
Not with Ethernet, TCP, MAC
Yes, for Businesses (sites): SSL / TLS
Not, for People (clients)
Yes & No, for People: In App (session based) - window for attack

5. Certification Authority
Business: information is public by nature; information is reliable; few in number by comparison -> in use
Individual: information is private by nature; information is fast changing and unreliable; privacy and legal concerns; too many ... -> abandoned

6. Distributed, Collaborative Client Certification System - Some Differences For Individuals
- respects privacy
- can manage the number
- can provide up to date identification
- not for replacing present authentication
- it identifies access points, not users
- not one CA, but existing actors

7. Collaborative Client Certification Authority (C3 Authority) -> Client Certificate -> To Individuals
- PKI system (signature / verification)
- identifies an end point
- anonymous, no data collected
- some one time issued verification system
- wait .... little value ....
- installed into networking applications or directly into the OS

8. Degree 1 Certification Authority (1° CA)
email providers, phone companies or other communication service providers
weakly reachable: email, phone, etc.
C3 Authority + 1° CA -> Client Certificate -> ANONYMOUS INDIVIDUAL

9. Degree 2 Certification Authority (2° CA)
banks, medical institutions, government entities or any entity that comes in physical contact with the individual
strongly identifiable: physical identity can be requested from the 2° CA
C3 Authority + 2° CA -> Client Certificate -> ANONYMOUS INDIVIDUAL

10. NOT SO ANONYMOUS INDIVIDUAL
OFFENDED ENTITY -> C3 Authority -> 1° CA / 2° CA -> LEGAL AUTHORITY: warning, arrest

11. INDIVIDUAL (Client Certificate) ->
- WEB ENTITIES THAT NEED NO SECURITY
- WEB ENTITIES THAT NEED SOME SECURITY
- WEB COMPANIES DEALING WITH MONEY, WEB SHOPS, BROKERS, etc
(arrows labelled accept, drop, accept, accept)

12. Compromised certificate
- stolen
- recovered from disposed devices
CYBER CRIMINAL (2° Client Certificate) -> WEB COMPANIES DEALING WITH MONEY, WEB SHOPS, BROKERS, etc: accept
cannot be prevented, can be detected:
- BigData analyses
- track source of SPAM
- track source of malware
- block certificate
- trigger validation

13. future could be bright .....
- BigData analyses
- provide statistics to certificate owners
- parental control
- sign every email, uploaded file by default
- empower legitimate users & hinder criminal activity
challenges .....
- adoption
- getting companies to collaborate
- vendor & business neutral approach

14. EEE 2015, Cluj Napoca
Stefan Harsan Farr
stefan@earless.net
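A small model of the relying-party decisions sketched on slides 11 and 12 (degree-based accept/drop, plus blocking and re-validation of a compromised certificate), added here as an example and not code from the talk. The degree-per-tier rule, the "many source networks in a short window" detection heuristic, the certificate ids and the access log are all my own constructions.

```python
"""Toy model of the relying-party decisions on slides 11 and 12.

Added example, not the talk's code. My assumptions, not the slides': a client
certificate carries the degree of the CA that vouched for it (1 = weakly
reachable, e.g. email/phone provider; 2 = strongly identifiable, e.g. bank or
government; 0 = none presented); a relying party of tier t accepts only degree
>= t; the C3 authority publishes a block list; and a stolen certificate is
spotted when one id appears from many unrelated source networks in a short
window (the slides only say compromise "can be detected" by analysis).
Signing/verification is out of scope; the point is the policy around degree,
block list and re-validation.
"""
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple

NO_SECURITY, SOME_SECURITY, MONEY = 0, 1, 2          # relying-party tiers (slide 11)
ACCEPT, DROP, VALIDATE = "accept", "drop", "trigger validation"


@dataclass(frozen=True)
class ClientCert:
    cert_id: str
    degree: int   # 0 = none, 1 = issued via a 1st-degree CA, 2 = via a 2nd-degree CA


def decide(cert: ClientCert, tier: int, blocked: Set[str]) -> str:
    """Relying-party policy. A blocked certificate is never silently accepted
    or dropped: the holder is sent back to the CA for re-validation."""
    if cert.cert_id in blocked:
        return VALIDATE
    return ACCEPT if cert.degree >= tier else DROP


# Constructed access log: (unix timestamp, certificate id, source /24 network).
# c3-2-0001 is a normal user seen from two networks over an hour; c3-2-0002 is
# the same certificate presented from four networks within four minutes.
ACCESS_LOG: List[Tuple[int, str, str]] = [
    (1000, "c3-2-0001", "203.0.113.0/24"),
    (1300, "c3-2-0001", "203.0.113.0/24"),
    (4000, "c3-2-0001", "198.51.100.0/24"),
    (2000, "c3-2-0002", "192.0.2.0/24"),
    (2060, "c3-2-0002", "198.51.100.0/24"),
    (2120, "c3-2-0002", "203.0.113.0/24"),
    (2180, "c3-2-0002", "100.64.0.0/24"),
    (2240, "c3-2-0002", "192.0.2.0/24"),
]


def suspicious_certs(log, window_s: int = 600, max_networks: int = 3) -> Set[str]:
    """Flag certificate ids seen from more than `max_networks` distinct source
    networks inside any `window_s`-second sliding window."""
    by_cert: Dict[str, List[Tuple[int, str]]] = defaultdict(list)
    for ts, cert_id, net in sorted(log):
        by_cert[cert_id].append((ts, net))
    flagged: Set[str] = set()
    for cert_id, events in by_cert.items():
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window_s:
                start += 1                      # slide the window forward
            if len({net for _, net in events[start:end + 1]}) > max_networks:
                flagged.add(cert_id)
                break
    return flagged


def run_demo() -> Dict[str, object]:
    """Analysis feeds the block list; the relying parties then decide."""
    blocked = suspicious_certs(ACCESS_LOG)
    anon = ClientCert("none", 0)
    first = ClientCert("c3-1-0007", 1)
    second = ClientCert("c3-2-0001", 2)
    stolen = ClientCert("c3-2-0002", 2)
    return {
        "blocked": blocked,
        "anon@no_security": decide(anon, NO_SECURITY, blocked),
        "anon@money": decide(anon, MONEY, blocked),
        "first@some": decide(first, SOME_SECURITY, blocked),
        "first@money": decide(first, MONEY, blocked),
        "second@money": decide(second, MONEY, blocked),
        "stolen@money": decide(stolen, MONEY, blocked),
    }
```

Running `run_demo()` shows the stolen 2° certificate being routed to re-validation at a money-handling site instead of being accepted as on slide 12, while the legitimate 2° certificate is still accepted.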
