Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Upcoming SlideShare
Ataques XSS Google Persistentes
Next
Download to read offline and view in fullscreen.

0

Share

Download to read offline

Latch Security Scenarios

Download to read offline

Presentación realizada el 3 de Julio en la que se presentaron los plugins de Latch para OS X, Latch para Windows [Personal/Enterprise] Edition y Latch para Linux. Los plugins están disponibles en: https://latch.elevenpaths.com/www/plugins_sdks.html

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all
  • Be the first to like this

Latch Security Scenarios

  1. 1. elevenpaths.com Chema Alonso
  2. 2. elevenpaths.com Product APP (Advanced Persistent Pentesting) Service 24x7x365 Metadata clean up software to avoid DLP (WebServers, FS, SPS Desktop, Forensics) 2FAuthorization based on Open Digital Latches platform Target Market Medium – Large Corporates Enterprise Consumers Corporate consumers B2B2C Stage Launched Dec 2013 Launched Dec 2013 Launched Dec 2013 Growing up 11Paths Products
  3. 3. elevenpaths.com We use our digital services just a tiny portion of time everyday. Why should we left them open through the day? If we reduce availability, we reduce exposure, and therefore risk. Those developing new security proposals in online purchase are seizing all of the market.
  4. 4. elevenpaths.com Taking a cab To make her trip easier she decidesto pay everything using a service, on her way to the officeat the destinationpoint she switches service on, so she can pay the taxi fare.Once done she switches her accountoff, minimizing the exposure to improper usage.
  5. 5. elevenpaths.com At the airport Anna has just starteda new job and she is on a business trip. As usual, she checks the weather,preparesher suitcase and defines her online security levels using Latch.
  6. 6. elevenpaths.com Latch Server 1.- Generate pairing code 2.- Temporary Pariring token My Site User Settings: Login: XXXX Pass: YYYY Latch: 4.-AppID+Temp pairing Token 5.- OK+Unique Latch 6.-ID Latch appears in app U L a t c h Latch on a digital ID
  7. 7. elevenpaths.com Latch Server My Bank Users DB: Login: XXXX Pass: YYYY Latch: Latch1 Login Page: Login:AAAA Pass:BBBB 1.- Client sends Login/password 2.- Web checks Credentials with Its users DB 3.- asks about Latch1 status 4.- Latch 1 is OFF 5.- Login Error 6.- Someone try to get Access to Latch 1 id. 2.- Check user/pass Login into a Web
  8. 8. elevenpaths.com Open Platform: Official Plugins
  9. 9. elevenpaths.com Open Platform: Official SDK
  10. 10. elevenpaths.com Open Platform: Non-Official Plugins
  11. 11. elevenpaths.com Open Platform: SCCAID
  12. 12. elevenpaths.com Open Platform: Physical World
  13. 13. elevenpaths.com Open Platform: Physical World
  14. 14. elevenpaths.com Open Platform: Latch Event Monitor
  15. 15. elevenpaths.com Open Platform: Latch for Windows (Personal)
  16. 16. elevenpaths.com Windows XP / Vista / 7 / 8/8.1 Local Users Query Status User pairing Open Platform: Latch for Windows (Personal) Latch for Windows
  17. 17. elevenpaths.com Windows Server 2003 / 2008 / 2012 Domain Users Latch for Windows Query Status User pairing Windows XP / Vista / 7 / 8/ 8.1Login Pairing Intranet Open Platform: Latch for Windows (Enterprise)
  18. 18. elevenpaths.com Windows Server 2003 / 2008 / 2012 Latch for Windows Windows Server 2003 / 2008 / 2012 Domain Users Latch for windows Secondary Domain Controllers Principal Domain Controller Sync Service Domain Users Open Platform: Latch for Windows (Enterprise) Windows Server 2003 / 2008 / 2012 Domain Users Latch for windows
  19. 19. elevenpaths.com Open Platform: Latch for OSX
  20. 20. elevenpaths.com Open Platform: Latch for Linux – Ubuntu
  21. 21. elevenpaths.com Latch Server Latch app Latch1: OFF Latch2:ON Latch3:OTP Latch4:OFF …. My Bank Users DB: Login: XXXX Pass: YYYY Latch: Latch1 Login Page: Login:AAAA Pass:BBBB 1.- Client sends Login/password 2.- Web checks Credentials with Its users DB 3.- asks about Latch1 status 5.- Latch 1 is ON(OTP) 6.- OTP? 7.- Use this (OTP). 4.- Latch Server Generates OTP 2.- Check user/pass Login into a Web with OTP
  22. 22. elevenpaths.com Login into a Web with OTP
  23. 23. elevenpaths.com Latch Server Latch app Latch1: ON Op1:OFF Op2:ON OP3:OTP Latch 2: OFF …. My Bank Login: XXXX Pass: YYYY Latch: Latch1 Int_Trnas: Op1 Online Banking Send Money: 1231124343 1.- Client orders International Transactions 3.- asks Latch1:Op1 status 4.- Latch 1:Op1 is OFF 5.- Denied 6.- Someone try to do a Latch 1:Op1 Operation Operations in Latch
  24. 24. elevenpaths.com Users Developers Corporates Control all digital identities from one single point. ON/OFF. Integrate Plugins and develop solutions with SDKs to adapt Latch technology to their needs SDKs: PHP, Java, .NET, C, Ruby, Python & WebService API Plugins: WordPress, PrestaShop, RedMine, Cpanel, Moodle, OpenVPN, SSH, Drupal, DotNetNuke, Joomla!, … more than 20 · Deploy 2FAuth · Opt-in/mandatory · Detect identity theft · Granularity · Reduce Fraud · Parental Control · 4 Eyes verification Tools · Control Dashboard · Usage Statistics · Internal appliance (beta)
  25. 25. elevenpaths.com User1 Pass1 User2 Pass2 Login: User2 Pass: Pass2 Latch: Latch2 Login: User1 Pass: Pass1 Latch: Latch1 4-eyes verification
  26. 26. elevenpaths.com Asset Latch: Latch1 Latch: Latch 2 2 Keys Activation User1 Pass1 User2 Pass2
  27. 27. elevenpaths.com User Pass Login: User Pass: Pass Latch: Latch Parental Control
  28. 28. elevenpaths.com Why? Answer OTP Supervision Login: User Pass: Pass Latch: Latch Op1:Unlock Op2: OTP User Pass
  29. 29. elevenpaths.com LST: Latch Support Tool
  30. 30. elevenpaths.com • On development: · Blackberry & BlackBerry z10 Consumer Apps
  31. 31. elevenpaths.com https://latch.elevenpaths.com

Presentación realizada el 3 de Julio en la que se presentaron los plugins de Latch para OS X, Latch para Windows [Personal/Enterprise] Edition y Latch para Linux. Los plugins están disponibles en: https://latch.elevenpaths.com/www/plugins_sdks.html

Views

Total views

1,414

On Slideshare

0

From embeds

0

Number of embeds

16

Actions

Downloads

26

Shares

0

Comments

0

Likes

0

×