Authentication means in electronic environments

917 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
917
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Authentication means in electronic environments

  1. 1. Authentication means in electronic environments
  2. 2. Authentication <ul><li>Identity vs. Authentication </li></ul><ul><li>Needs </li></ul><ul><ul><ul><li>Ensure authenticity of data source or person </li></ul></ul></ul><ul><li>Need for physical authentication in e-services </li></ul><ul><ul><ul><li>Provide authentic services </li></ul></ul></ul><ul><ul><ul><li>Data confidentiality </li></ul></ul></ul><ul><li>Risks </li></ul><ul><ul><ul><li>Identity thefts </li></ul></ul></ul><ul><ul><ul><li>Fake services, confidential information stealing </li></ul></ul></ul>
  3. 3. Authentication <ul><li>for a positive authentication, elements from at least two, and preferably all three, factors be verified. </li></ul><ul><ul><ul><li>the ownership factors: Something the user has (ID-Cards, magnetic card, ...) </li></ul></ul></ul><ul><ul><ul><li>the knowledge factors: Something the user knows (e.g., a password, pass phrase,) </li></ul></ul></ul><ul><ul><ul><li>the inheritance factors: Something the user is or does (biometric identifiers). </li></ul></ul></ul>
  4. 4. Authentication technologies <ul><li>Password cards (random numbers) </li></ul><ul><ul><ul><li>Cheap to produce </li></ul></ul></ul><ul><ul><ul><li>Easy to copy, Not scalable </li></ul></ul></ul><ul><li>One-time passwords (at paper) </li></ul><ul><ul><ul><li>Cheap, better security </li></ul></ul></ul><ul><ul><ul><li>Not scalable </li></ul></ul></ul><ul><li>PIN-Calculators </li></ul><ul><ul><ul><li>Relatively secure </li></ul></ul></ul><ul><ul><ul><li>You need 1 calculator per service, not scalable </li></ul></ul></ul><ul><ul><ul><li>NB!: Swedish BankID </li></ul></ul></ul><ul><li>ID-Cards (PKI) </li></ul><ul><ul><ul><li>Secure, </li></ul></ul></ul><ul><ul><ul><li>Complicate to adapt and high cost of infrastructure </li></ul></ul></ul><ul><li>Mobile-ID (WPKI), RFID in mobile phones, etc... </li></ul>
  5. 5. Challenges of eID adaption <ul><li>Critical mass of users </li></ul><ul><li>Technology adaption is key factor </li></ul><ul><ul><li>Adaption in e-Services (financial and public sectors!) </li></ul></ul><ul><ul><li>Adaption among users: </li></ul></ul><ul><ul><ul><ul><li>Users take service security as granted – higher security is NOT sales argument </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Barriers of installing and lack of card-readers (not in mobile-ID) </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Usability of client-software </li></ul></ul></ul></ul><ul><li>Unsuccessful business models of certification authorities </li></ul><ul><li>Infrastructure should be provided by public sectors </li></ul>
  6. 6. STORK project <ul><li>S ecure Iden t ity Acr o ss Bo r ders Lin k ed </li></ul><ul><ul><li>Establish a European eID interoperability Platform </li></ul></ul><ul><ul><li>Will allow citizens to establish new e-relations across borders, just by presenting their national eID </li></ul></ul><ul><ul><li>Pilot projects: </li></ul></ul><ul><ul><ul><li>Cross border authentication platform - for electronic services </li></ul></ul></ul><ul><ul><ul><li>Safer Chat - To promote safe use of the Internet by children and young people </li></ul></ul></ul><ul><ul><ul><li>Student Mobility - To help people who want to study in different Member States </li></ul></ul></ul><ul><ul><ul><li>Electronic Delivery - To develop cross-border mechanisms for secure online delivery of documents </li></ul></ul></ul><ul><ul><ul><li>Change of Address - To assist people moving across EU borders </li></ul></ul></ul><ul><ul><ul><li>European Commission Authentication Service – ECAS </li></ul></ul></ul>
  7. 7. All MS have their own eID infrastructure CITIZEN CITIZEN CITIZEN CITIZEN CITIZEN
  8. 8. Pan European Proxy Service

×