Latch Security Scenarios

1,095 views

Published on

Presentación realizada el 3 de Julio en la que se presentaron los plugins de Latch para OS X, Latch para Windows [Personal/Enterprise] Edition y Latch para Linux. Los plugins están disponibles en: https://latch.elevenpaths.com/www/plugins_sdks.html

Published in: Technology
1 Comment
0 Likes
Statistics
Notes
  • ¡Hola Chema! Por favor, ¿cuándo para cPanel?
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

No Downloads
Views
Total views
1,095
On SlideShare
0
From Embeds
0
Number of Embeds
16
Actions
Shares
0
Downloads
21
Comments
1
Likes
0
Embeds 0
No embeds

No notes for slide
  • ejOcoAdG
  • ejOcoAdG
  • Nevele
  • Latch Security Scenarios

    1. 1. elevenpaths.com Chema Alonso
    2. 2. elevenpaths.com Product APP (Advanced Persistent Pentesting) Service 24x7x365 Metadata clean up software to avoid DLP (WebServers, FS, SPS Desktop, Forensics) 2FAuthorization based on Open Digital Latches platform Target Market Medium – Large Corporates Enterprise Consumers Corporate consumers B2B2C Stage Launched Dec 2013 Launched Dec 2013 Launched Dec 2013 Growing up 11Paths Products
    3. 3. elevenpaths.com We use our digital services just a tiny portion of time everyday. Why should we left them open through the day? If we reduce availability, we reduce exposure, and therefore risk. Those developing new security proposals in online purchase are seizing all of the market.
    4. 4. elevenpaths.com Taking a cab To make her trip easier she decidesto pay everything using a service, on her way to the officeat the destinationpoint she switches service on, so she can pay the taxi fare.Once done she switches her accountoff, minimizing the exposure to improper usage.
    5. 5. elevenpaths.com At the airport Anna has just starteda new job and she is on a business trip. As usual, she checks the weather,preparesher suitcase and defines her online security levels using Latch.
    6. 6. elevenpaths.com Latch Server 1.- Generate pairing code 2.- Temporary Pariring token My Site User Settings: Login: XXXX Pass: YYYY Latch: 4.-AppID+Temp pairing Token 5.- OK+Unique Latch 6.-ID Latch appears in app U L a t c h Latch on a digital ID
    7. 7. elevenpaths.com Latch Server My Bank Users DB: Login: XXXX Pass: YYYY Latch: Latch1 Login Page: Login:AAAA Pass:BBBB 1.- Client sends Login/password 2.- Web checks Credentials with Its users DB 3.- asks about Latch1 status 4.- Latch 1 is OFF 5.- Login Error 6.- Someone try to get Access to Latch 1 id. 2.- Check user/pass Login into a Web
    8. 8. elevenpaths.com Open Platform: Official Plugins
    9. 9. elevenpaths.com Open Platform: Official SDK
    10. 10. elevenpaths.com Open Platform: Non-Official Plugins
    11. 11. elevenpaths.com Open Platform: SCCAID
    12. 12. elevenpaths.com Open Platform: Physical World
    13. 13. elevenpaths.com Open Platform: Physical World
    14. 14. elevenpaths.com Open Platform: Latch Event Monitor
    15. 15. elevenpaths.com Open Platform: Latch for Windows (Personal)
    16. 16. elevenpaths.com Windows XP / Vista / 7 / 8/8.1 Local Users Query Status User pairing Open Platform: Latch for Windows (Personal) Latch for Windows
    17. 17. elevenpaths.com Windows Server 2003 / 2008 / 2012 Domain Users Latch for Windows Query Status User pairing Windows XP / Vista / 7 / 8/ 8.1Login Pairing Intranet Open Platform: Latch for Windows (Enterprise)
    18. 18. elevenpaths.com Windows Server 2003 / 2008 / 2012 Latch for Windows Windows Server 2003 / 2008 / 2012 Domain Users Latch for windows Secondary Domain Controllers Principal Domain Controller Sync Service Domain Users Open Platform: Latch for Windows (Enterprise) Windows Server 2003 / 2008 / 2012 Domain Users Latch for windows
    19. 19. elevenpaths.com Open Platform: Latch for OSX
    20. 20. elevenpaths.com Open Platform: Latch for Linux – Ubuntu
    21. 21. elevenpaths.com Latch Server Latch app Latch1: OFF Latch2:ON Latch3:OTP Latch4:OFF …. My Bank Users DB: Login: XXXX Pass: YYYY Latch: Latch1 Login Page: Login:AAAA Pass:BBBB 1.- Client sends Login/password 2.- Web checks Credentials with Its users DB 3.- asks about Latch1 status 5.- Latch 1 is ON(OTP) 6.- OTP? 7.- Use this (OTP). 4.- Latch Server Generates OTP 2.- Check user/pass Login into a Web with OTP
    22. 22. elevenpaths.com Login into a Web with OTP
    23. 23. elevenpaths.com Latch Server Latch app Latch1: ON Op1:OFF Op2:ON OP3:OTP Latch 2: OFF …. My Bank Login: XXXX Pass: YYYY Latch: Latch1 Int_Trnas: Op1 Online Banking Send Money: 1231124343 1.- Client orders International Transactions 3.- asks Latch1:Op1 status 4.- Latch 1:Op1 is OFF 5.- Denied 6.- Someone try to do a Latch 1:Op1 Operation Operations in Latch
    24. 24. elevenpaths.com Users Developers Corporates Control all digital identities from one single point. ON/OFF. Integrate Plugins and develop solutions with SDKs to adapt Latch technology to their needs SDKs: PHP, Java, .NET, C, Ruby, Python & WebService API Plugins: WordPress, PrestaShop, RedMine, Cpanel, Moodle, OpenVPN, SSH, Drupal, DotNetNuke, Joomla!, … more than 20 · Deploy 2FAuth · Opt-in/mandatory · Detect identity theft · Granularity · Reduce Fraud · Parental Control · 4 Eyes verification Tools · Control Dashboard · Usage Statistics · Internal appliance (beta)
    25. 25. elevenpaths.com User1 Pass1 User2 Pass2 Login: User2 Pass: Pass2 Latch: Latch2 Login: User1 Pass: Pass1 Latch: Latch1 4-eyes verification
    26. 26. elevenpaths.com Asset Latch: Latch1 Latch: Latch 2 2 Keys Activation User1 Pass1 User2 Pass2
    27. 27. elevenpaths.com User Pass Login: User Pass: Pass Latch: Latch Parental Control
    28. 28. elevenpaths.com Why? Answer OTP Supervision Login: User Pass: Pass Latch: Latch Op1:Unlock Op2: OTP User Pass
    29. 29. elevenpaths.com LST: Latch Support Tool
    30. 30. elevenpaths.com • On development: · Blackberry & BlackBerry z10 Consumer Apps
    31. 31. elevenpaths.com https://latch.elevenpaths.com

    ×