SlideShare a Scribd company logo

Development of Digital Identity Systems

Download as PPTX, PDF
Maganathin Veeraragaloo
Maganathin Veeraragaloo

Development of Digital Identity Systems using NIST Identity Model an reviewing this within context of Digital Transformation

Government & Nonprofit
1 of 33
Development of Digital Identity Systems Presenter: Maganathin Marcus Veeraragaloo Date: 6th July 2017
• Context – Digital Transformation / Industry 4.0 • Cyber Security evolution to Digital Security • Identity in a Digital World • Development of Digital Identity Standards • Authentication Protocols • Authentication Technologies • Conclusion Agenda
• Context – Digital Transformation / Industry 4.0 • Cyber Security evolution to Digital Security • Identity in a Digital World • Development of Digital Identity Standards • Authentication Protocols • Authentication Technologies • Conclusion Agenda
Context – Digital Transformation / Industry 4.0
Context – Digital Transformation / Industry 4.0
Context – Digital Transformation / Industry 4.0
• Context – Digital Transformation / Industry 4.0 • Cyber Security evolution to Digital Security • Identity in a Digital World • Development of Digital Identity Standards • Authentication Protocols • Authentication Technologies • Conclusion Cyber Security is evolving into Digital Security
Cyber Security evolution to Digital Security Digital Security Cyber Security Information Security IT Security Physical Security IoT Security OT Security Smart Grid Security Network Perimeter Disappearing Digital Security is the evolution of Cyber Security or The scope of Cyber Security is evolving into Digital Security
• Context – Digital Transformation / Industry 4.0 • Cyber Security is evolving into Digital Security • Identity in a Digital World • Development of Digital Identity Standards • Authentication Protocols • Authentication Technologies • Conclusion Agenda
Identity in a Digital World Identity
• Context – Digital Transformation / Industry 4.0 • Cyber Security evolution to Digital Security • Identity in a Digital World • Development of Digital Identity Standards • Authentication Protocols • Authentication Technologies • Conclusion Agenda
Development of Digital Identity Standards NIST Special Publications 800-63 Suite SP-800-63-3 Digital Identity Guidelines SP-800-63-3A Enrollment & Identity Proofing SP-800-63-3B Authentication & Life Cycle Management SP-800-63-3C Federation and Assertions Identity Assurance Level (IAL): the identity proofing process and the binding between one or more authenticators and the records pertaining to a specific subscriber Authenticator Assurance Level (AAL): the authentication process, including how additional factors and authentication mechanisms can impact risk mitigation Federation Assurance Level (FAL): the assertion used in a federated environment to communicate authentication and attribute information to a relying party (RP)
• It provides an overview of general identity frameworks; using authenticators, credentials, and assertions together in a digital system; • Organizations can perform a risk assessment, answer a set of functional questions, and, based on their responses, be guided to the most appropriate xAL for their system and users. • Agencies need to look for requirements and ensures that the assessment of risks and the available processes and technologies mitigate that risk and are well aligned. • Align with commercial markets, promote international interoperability, and focus on outcomes (where possible) to promote innovation and deployment flexibility. Development of Digital Identity Standards NIST-800-63-3
Development of Digital Identity Standards Digital Identity Model – NIST 800-63-3 ( Digital Identity Guidelines)
• Arguably the most difficult part of digital identity: strengthening identity proofing while expanding options for remote and in-person proofing. • Guidelines clarify methods for resolving an identity to a single person and enables RPs to evaluate and determine the strength of identity evidence. • The proofing guidance moves away from a static list of acceptable documents and instead describes “characteristics” for the evidence necessary to achieve each IAL. • Agencies can now pick the evidence that works best for their stakeholders: what matters is the process behind the presentation. • This opens the door for a diverse array of proofing options, including virtual in-person (aka “supervised remote”) and trusted referees (e.g., notaries, Certificate Authorities), and offers clearer guidelines on document checking and address confirmation. Development of Digital Identity Standards Identity Proofing (SP-800-63A)
• The new guidelines also enable server-side biometric matching and include a comprehensive set of biometric performance and security requirements. • Biometric sensors are common in the devices that so many users carry daily • Provide guidelines that can prevent unreliable or weak biometric approaches from sneaking their way into digital services. • More options (to include more usable ones) at higher assurance levels. • Changes Too • email as a place to send one-time-passwords (OTPs) • plain old SMS to send OTPs, although SMS is allowable with some risk-based and security measures • “token” talk – it’s now “authenticator” Development of Digital Identity Standards Authentication (SP-800-63B)
• Federation is when the RP and IdP are not a single entity or not under common administration. • Federation enables an IdP to proof and authenticate an individual and provide identity assertions that RPs can accept and trust. • Provides greater detail on how assertions should be used, and includes a host of privacy-enhancing requirements that can make federation appealing to users. Development of Digital Identity Standards Federation (SP-800-63C)
• Context – Digital Transformation / Industry 4.0 • Cyber Security evolution to Digital Security • Identity in a Digital World • Development of Digital Identity Standards • Authentication Protocols • Conclusion Agenda
• OAuth 2.0 enables applications to access resources on behalf of a specific user. This is why the OAuth protocol has a resource server — a policy enforcement point that is likely either an API gateway or a reverse-proxy Web access management (WAM) system. • The OAuth access and resource servers work in concert to provide access to resources via a scope (see the Scopes section) entitlement request by the application. Authentication Protocols • Security Assertion Markup Language 2.0 (SAML 2.0) is a version of the SAML standard for exchanging authentication and authorization data between security domains. • SAML 2.0 is an XML-based protocol that uses security tokens containing assertions to pass information about a principal (usually an end user) between a SAML authority, named an Identity Provider, and a SAML consumer, named a Service Provider. • SAML 2.0 enables web-based authentication and authorization scenarios including cross-domain single sign-on (SSO), which helps reduce the administrative overhead of distributing multiple authentication tokens to the • Connect is about authentication — providing an ID Token for interoperable access to cross-domain relying. • The Connect protocol leaves the policy enforcement to the relying party — just like SAML does.
Authentication Protocols • Is a means of expressing specific entities in a system by URL path elements. • REST is not an architecture but it is an architectural style to build services on top of the Web. • REST allows interaction with a web-based system via simplified URLs rather than complex request body or POST parameters to request specific items from the system. • REST stands for Representational State Transfer. It relies on a stateless, client- server, cacheable communications. In most cases it is used with the HTTP protocol. • JavaScript Object Notation or JSON (/ˈdʒeɪsən/ JAY-sən), is an open-standard file format that uses human-readable text to transmit data objects consisting of attribute–value pairs and array data types (or any other serializable value). ... JSON is a language-independent data format.
Authentication Protocols Source: https://fidoalliance.org
Authentication Protocols Source: https://fidoalliance.org
• Context – Digital Transformation / Industry 4.0 • Cyber Security evolution to Digital Security • Identity in a Digital World • Development of Digital Identity Standards • Authentication Protocols • Authentication Technologies • Conclusion Agenda
Authentication Technologies Blockchain and Digital Signatures • Usually a digital signature is made using the private key of the owner. Whoever wants to verify the signature can do so using the corresponding public key. • Suppose a company wants to accept Bitcoins for its trades. Now, because of security reasons, the company would not want that only a single employee will have access to the company's Bitcoin wallet's password. Any transaction should need approval from more than one employees of the company. A multi- signature address is created for that purpose.
Authentication Technologies Blockchain and Digital Signatures…continued • A multi-signature address is an address associated with more than one Elliptic Curve Digital Signature Algorithm (ECDSA) private keys. So, in an m-of-n address, when a Bitcoin address is generated, it is associated with n private keys. And, at least m private keys will be required to make a transaction possible. • This concept can be used in making digital signatures. One can create a multi-signature m-of-n address using n private keys and use that to record digital signature of documents in a blockchain. Anyone can verify the digital signature using public keys, but to make the digital signature one would need at least m private keys, out f n private keys associated with the multi-signature address.
Authentication Technologies Public Key Infrastructure - Digital Signatures • When two hosts want to transfer sensitive data between them, they use an encrypted communication. Both the hosts first connect to each other, authenticate themselves and after that an encrypted connection is established, using which sensitive data are transferred. • If a host wants to authenticate itself to the other host, it needs to prove its identity. Normally, public key cryptography is used for that purpose. Each host possesses a private-public key pair. And, to establish an encrypted connection, they share their public keys to each other. • But, one has to confirm that the shared public key indeed belongs to the sender. Public Key Infrastructure or PKI is an arrangement which is used for that purpose. It binds public keys with corresponding identities through registration and issuance of certificates and using centralized authority called Certificate Authority or CA. PKI consists of set of roles, policies and procedures to create, manage, distribute or revoke digital certificates.
Authentication Technologies Public Key Infrastructure - Digital Signatures • Certificate Authority - A Certificate Authority issues a digital certificate to an entity. The issued digital certificate is signed with the private key of the CA, so that it is not tampered with. When a host gets a digital certificate of another host, it checks with the corresponding CA to make sure it is an authentic one. • Registration Authority - When an entity requests for a digital certificate, the Registration Authority verifies the identity of the entity to make sure the digital certificate is not mis-issued. • Central Directory - A Central Directory is a central location where public keys are stored and indexed, so that they can be retrieved at the time of verification of digital certificates. • Certificate Management System - A Certificate Management System manages access to stored certificates and the delivery of the certificates to be issued. • Certificate Policy - It consists of policies of digital certificates.
Authentication Technologies Block Chain
Authentication Technologies Block Chain
• Context – Digital Transformation / Industry 4.0 • Cyber Security evolution to Digital Security • Identity in a Digital World • Development of Digital Identity Standards • Authentication Protocols • Authentication Technologies • Conclusion Agenda
Conclusion Trusted Digital Identity Source: https://securityintelligence.com/
Conclusion
Thank-You

Recommended

Board secretaries and general counsels
Board secretaries and general counsels Board secretaries and general counsels
Board secretaries and general counsels Maganathin Veeraragaloo
 
Digital IQ in managing risk and cyber threats
Digital IQ in managing risk and cyber threatsDigital IQ in managing risk and cyber threats
Digital IQ in managing risk and cyber threatsMaganathin Veeraragaloo
 
Cloud computing risk assesment presentation
Cloud computing risk assesment presentationCloud computing risk assesment presentation
Cloud computing risk assesment presentationAhmad El Tawil
 
Cloud computing risks
Cloud computing risksCloud computing risks
Cloud computing riskssripriya78
 
Mergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMatthew Rosenquist
 
Mergers & Acquisitions security - (ISC)2 Secure Summit DACH
Mergers & Acquisitions security - (ISC)2 Secure Summit DACHMergers & Acquisitions security - (ISC)2 Secure Summit DACH
Mergers & Acquisitions security - (ISC)2 Secure Summit DACHEQS Group
 
NIST Cybersecurity Framework Intro for ISACA Richmond Chapter
NIST Cybersecurity Framework Intro for ISACA Richmond ChapterNIST Cybersecurity Framework Intro for ISACA Richmond Chapter
NIST Cybersecurity Framework Intro for ISACA Richmond ChapterTuan Phan
 
Fadi Mutlak - Information security governance
Fadi Mutlak - Information security governanceFadi Mutlak - Information security governance
Fadi Mutlak - Information security governancenooralmousa
 

Recommended

Board secretaries and general counsels
Board secretaries and general counsels Board secretaries and general counsels
Board secretaries and general counsels Maganathin Veeraragaloo
 
Digital IQ in managing risk and cyber threats
Digital IQ in managing risk and cyber threatsDigital IQ in managing risk and cyber threats
Digital IQ in managing risk and cyber threatsMaganathin Veeraragaloo
 
Cloud computing risk assesment presentation
Cloud computing risk assesment presentationCloud computing risk assesment presentation
Cloud computing risk assesment presentationAhmad El Tawil
 
Cloud computing risks
Cloud computing risksCloud computing risks
Cloud computing riskssripriya78
 
Mergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMatthew Rosenquist
 
Mergers & Acquisitions security - (ISC)2 Secure Summit DACH
Mergers & Acquisitions security - (ISC)2 Secure Summit DACHMergers & Acquisitions security - (ISC)2 Secure Summit DACH
Mergers & Acquisitions security - (ISC)2 Secure Summit DACHEQS Group
 
NIST Cybersecurity Framework Intro for ISACA Richmond Chapter
NIST Cybersecurity Framework Intro for ISACA Richmond ChapterNIST Cybersecurity Framework Intro for ISACA Richmond Chapter
NIST Cybersecurity Framework Intro for ISACA Richmond ChapterTuan Phan
 
Fadi Mutlak - Information security governance
Fadi Mutlak - Information security governanceFadi Mutlak - Information security governance
Fadi Mutlak - Information security governancenooralmousa
 
CISSP - Chapter 3 - System security architecture
CISSP - Chapter 3 - System security architectureCISSP - Chapter 3 - System security architecture
CISSP - Chapter 3 - System security architectureKarthikeyan Dhayalan
 
Information Security Benchmarking 2015
Information Security Benchmarking 2015Information Security Benchmarking 2015
Information Security Benchmarking 2015Capgemini
 
Security architecture frameworks
Security architecture frameworksSecurity architecture frameworks
Security architecture frameworksJohn Arnold
 
AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014KBIZEAU
 
GSA's Presentation on Improving Cyber Security Through Acquisition
GSA's Presentation on Improving Cyber Security Through AcquisitionGSA's Presentation on Improving Cyber Security Through Acquisition
GSA's Presentation on Improving Cyber Security Through AcquisitionGovernment Technology and Services Coalition
 
M&A security - E-crime Congress 2017
M&A security - E-crime Congress 2017M&A security - E-crime Congress 2017
M&A security - E-crime Congress 2017EQS Group
 
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015Phil Agcaoili
 
#MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive ...
#MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive ...#MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive ...
#MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive ...Micro Focus
 
Cybersecurity Framework - Introduction
Cybersecurity Framework - IntroductionCybersecurity Framework - Introduction
Cybersecurity Framework - IntroductionMuhammad Akbar Yasin
 
Cloud security - Auditing and Compliance
Cloud security - Auditing and ComplianceCloud security - Auditing and Compliance
Cloud security - Auditing and ComplianceJosh Tullo
 
Fortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Fortifying Cyber Defense: How to Act Now to Protect Global Supply ChainsFortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Fortifying Cyber Defense: How to Act Now to Protect Global Supply ChainsIgnyte Assurance Platform
 
U nit 4
U nit 4U nit 4
U nit 4Integral university, India
 
Cloud Compliance Auditing - Closer 2011
Cloud Compliance Auditing - Closer 2011Cloud Compliance Auditing - Closer 2011
Cloud Compliance Auditing - Closer 2011Jonathan Sinclair
 
Cloud Audit and Compliance
Cloud Audit and ComplianceCloud Audit and Compliance
Cloud Audit and ComplianceQuadrisk
 
Chapter 1 Law & Ethics
Chapter 1 Law & EthicsChapter 1 Law & Ethics
Chapter 1 Law & EthicsKarthikeyan Dhayalan
 
QSA Shares PCI 3.0 Advice & Checklist
QSA Shares PCI 3.0 Advice & ChecklistQSA Shares PCI 3.0 Advice & Checklist
QSA Shares PCI 3.0 Advice & ChecklistTripwire
 
The Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveThe Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveAlgoSec
 
Robert Nichols: Cybersecurity for Government Contractors
Robert Nichols: Cybersecurity for Government ContractorsRobert Nichols: Cybersecurity for Government Contractors
Robert Nichols: Cybersecurity for Government ContractorsGovernment Technology and Services Coalition
 
Enterprise policy-management
Enterprise policy-managementEnterprise policy-management
Enterprise policy-managementAmit Bhargava
 
Cyber security maturity model- IT/ITES
Cyber security maturity model- IT/ITES Cyber security maturity model- IT/ITES
Cyber security maturity model- IT/ITES Priyanka Aash
 
Public Digital Identity as a Service
Public Digital Identity as a ServicePublic Digital Identity as a Service
Public Digital Identity as a ServicePT Datacomm Diangraha
 
Carrie Peter
Carrie PeterCarrie Peter
Carrie Peteritnewsafrica
 

More Related Content

What's hot

CISSP - Chapter 3 - System security architecture
CISSP - Chapter 3 - System security architectureCISSP - Chapter 3 - System security architecture
CISSP - Chapter 3 - System security architectureKarthikeyan Dhayalan
 
Information Security Benchmarking 2015
Information Security Benchmarking 2015Information Security Benchmarking 2015
Information Security Benchmarking 2015Capgemini
 
Security architecture frameworks
Security architecture frameworksSecurity architecture frameworks
Security architecture frameworksJohn Arnold
 
AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014KBIZEAU
 
M&A security - E-crime Congress 2017
M&A security - E-crime Congress 2017M&A security - E-crime Congress 2017
M&A security - E-crime Congress 2017EQS Group
 
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015Phil Agcaoili
 
#MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive ...
#MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive ...#MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive ...
#MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive ...Micro Focus
 
Cybersecurity Framework - Introduction
Cybersecurity Framework - IntroductionCybersecurity Framework - Introduction
Cybersecurity Framework - IntroductionMuhammad Akbar Yasin
 
Cloud security - Auditing and Compliance
Cloud security - Auditing and ComplianceCloud security - Auditing and Compliance
Cloud security - Auditing and ComplianceJosh Tullo
 
Fortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Fortifying Cyber Defense: How to Act Now to Protect Global Supply ChainsFortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Fortifying Cyber Defense: How to Act Now to Protect Global Supply ChainsIgnyte Assurance Platform
 
Cloud Compliance Auditing - Closer 2011
Cloud Compliance Auditing - Closer 2011Cloud Compliance Auditing - Closer 2011
Cloud Compliance Auditing - Closer 2011Jonathan Sinclair
 
Cloud Audit and Compliance
Cloud Audit and ComplianceCloud Audit and Compliance
Cloud Audit and ComplianceQuadrisk
 
QSA Shares PCI 3.0 Advice & Checklist
QSA Shares PCI 3.0 Advice & ChecklistQSA Shares PCI 3.0 Advice & Checklist
QSA Shares PCI 3.0 Advice & ChecklistTripwire
 
The Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveThe Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveAlgoSec
 
Enterprise policy-management
Enterprise policy-managementEnterprise policy-management
Enterprise policy-managementAmit Bhargava
 
Cyber security maturity model- IT/ITES
Cyber security maturity model- IT/ITES Cyber security maturity model- IT/ITES
Cyber security maturity model- IT/ITES Priyanka Aash
 

What's hot (20)

CISSP - Chapter 3 - System security architecture
CISSP - Chapter 3 - System security architectureCISSP - Chapter 3 - System security architecture
CISSP - Chapter 3 - System security architecture
 
Information Security Benchmarking 2015
Information Security Benchmarking 2015Information Security Benchmarking 2015
Information Security Benchmarking 2015
 
Security architecture frameworks
Security architecture frameworksSecurity architecture frameworks
Security architecture frameworks
 
AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014
 
GSA's Presentation on Improving Cyber Security Through Acquisition
GSA's Presentation on Improving Cyber Security Through AcquisitionGSA's Presentation on Improving Cyber Security Through Acquisition
GSA's Presentation on Improving Cyber Security Through Acquisition
 
M&A security - E-crime Congress 2017
M&A security - E-crime Congress 2017M&A security - E-crime Congress 2017
M&A security - E-crime Congress 2017
 
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
 
#MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive ...
#MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive ...#MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive ...
#MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive ...
 
Cybersecurity Framework - Introduction
Cybersecurity Framework - IntroductionCybersecurity Framework - Introduction
Cybersecurity Framework - Introduction
 
Cloud security - Auditing and Compliance
Cloud security - Auditing and ComplianceCloud security - Auditing and Compliance
Cloud security - Auditing and Compliance
 
Fortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Fortifying Cyber Defense: How to Act Now to Protect Global Supply ChainsFortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Fortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
 
U nit 4
U nit 4U nit 4
U nit 4
 
Cloud Compliance Auditing - Closer 2011
Cloud Compliance Auditing - Closer 2011Cloud Compliance Auditing - Closer 2011
Cloud Compliance Auditing - Closer 2011
 
Cloud Audit and Compliance
Cloud Audit and ComplianceCloud Audit and Compliance
Cloud Audit and Compliance
 
Chapter 1 Law & Ethics
Chapter 1 Law & EthicsChapter 1 Law & Ethics
Chapter 1 Law & Ethics
 
QSA Shares PCI 3.0 Advice & Checklist
QSA Shares PCI 3.0 Advice & ChecklistQSA Shares PCI 3.0 Advice & Checklist
QSA Shares PCI 3.0 Advice & Checklist
 
The Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveThe Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the Curve
 
Robert Nichols: Cybersecurity for Government Contractors
Robert Nichols: Cybersecurity for Government ContractorsRobert Nichols: Cybersecurity for Government Contractors
Robert Nichols: Cybersecurity for Government Contractors
 
Enterprise policy-management
Enterprise policy-managementEnterprise policy-management
Enterprise policy-management
 
Cyber security maturity model- IT/ITES
Cyber security maturity model- IT/ITES Cyber security maturity model- IT/ITES
Cyber security maturity model- IT/ITES
 

Similar to Development of Digital Identity Systems

Public Digital Identity as a Service
Public Digital Identity as a ServicePublic Digital Identity as a Service
Public Digital Identity as a ServicePT Datacomm Diangraha
 
Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)Avirot Mitamura
 
Cartes Asia Dem 2010 V2
Cartes Asia Dem 2010 V2Cartes Asia Dem 2010 V2
Cartes Asia Dem 2010 V2Donald Malloy
 
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITYMOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITYDEEPAK948083
 
Kerberos-PKI-Federated identity
Kerberos-PKI-Federated identityKerberos-PKI-Federated identity
Kerberos-PKI-Federated identityWAFAA AL SALMAN
 
Trust in E- and M-Business - Advances Through IT-Security
Trust in E- and M-Business - Advances Through IT-SecurityTrust in E- and M-Business - Advances Through IT-Security
Trust in E- and M-Business - Advances Through IT-SecurityOliver Pfaff
 
How Cloud-Based Service Providers Can Integrate Strong Identity and Security
How Cloud-Based Service Providers Can Integrate Strong Identity and SecurityHow Cloud-Based Service Providers Can Integrate Strong Identity and Security
How Cloud-Based Service Providers Can Integrate Strong Identity and SecurityGlobalSign
 
Enterprise Blockchain: Top Considerations Before You Deploy
Enterprise Blockchain: Top Considerations Before You Deploy Enterprise Blockchain: Top Considerations Before You Deploy
Enterprise Blockchain: Top Considerations Before You DeployKaleido
 
Introducing the SSI eIDAS Legal Report – Ignacio Alamillo
Introducing the SSI eIDAS Legal Report – Ignacio AlamilloIntroducing the SSI eIDAS Legal Report – Ignacio Alamillo
Introducing the SSI eIDAS Legal Report – Ignacio AlamilloSSIMeetup
 
Blockchain Bootcamp - Leadership Edition
Blockchain Bootcamp - Leadership EditionBlockchain Bootcamp - Leadership Edition
Blockchain Bootcamp - Leadership EditionFarhan Farrukh
 
#MFSummit2016 Secure: Mind the gap strengthening the information security model
#MFSummit2016 Secure: Mind the gap strengthening the information security model#MFSummit2016 Secure: Mind the gap strengthening the information security model
#MFSummit2016 Secure: Mind the gap strengthening the information security modelMicro Focus
 
Impact of digital certificate in network security
Impact of digital certificate in network securityImpact of digital certificate in network security
Impact of digital certificate in network securityrhassan84
 
Impact of digital certificate in network security
Impact of digital certificate in network securityImpact of digital certificate in network security
Impact of digital certificate in network securityrhassan84
 
The implications of blockchain for the insurance industry - Eurapco Peer Semi...
The implications of blockchain for the insurance industry - Eurapco Peer Semi...The implications of blockchain for the insurance industry - Eurapco Peer Semi...
The implications of blockchain for the insurance industry - Eurapco Peer Semi...Vidal Chriqui
 
Blockchains : Risk or Mitigation?
Blockchains : Risk or Mitigation?Blockchains : Risk or Mitigation?
Blockchains : Risk or Mitigation?ITU
 

Similar to Development of Digital Identity Systems (20)

Public Digital Identity as a Service
Public Digital Identity as a ServicePublic Digital Identity as a Service
Public Digital Identity as a Service
 
Carrie Peter
Carrie PeterCarrie Peter
Carrie Peter
 
Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)
 
Cartes Asia Dem 2010 V2
Cartes Asia Dem 2010 V2Cartes Asia Dem 2010 V2
Cartes Asia Dem 2010 V2
 
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITYMOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
 
Kerberos-PKI-Federated identity
Kerberos-PKI-Federated identityKerberos-PKI-Federated identity
Kerberos-PKI-Federated identity
 
Trust in E- and M-Business - Advances Through IT-Security
Trust in E- and M-Business - Advances Through IT-SecurityTrust in E- and M-Business - Advances Through IT-Security
Trust in E- and M-Business - Advances Through IT-Security
 
How Cloud-Based Service Providers Can Integrate Strong Identity and Security
How Cloud-Based Service Providers Can Integrate Strong Identity and SecurityHow Cloud-Based Service Providers Can Integrate Strong Identity and Security
How Cloud-Based Service Providers Can Integrate Strong Identity and Security
 
Enterprise Blockchain: Top Considerations Before You Deploy
Enterprise Blockchain: Top Considerations Before You Deploy Enterprise Blockchain: Top Considerations Before You Deploy
Enterprise Blockchain: Top Considerations Before You Deploy
 
Cryptography
CryptographyCryptography
Cryptography
 
Blockchain
BlockchainBlockchain
Blockchain
 
IS-Crypttools.pptx
IS-Crypttools.pptxIS-Crypttools.pptx
IS-Crypttools.pptx
 
Cybersecurity Slides
Cybersecurity SlidesCybersecurity Slides
Cybersecurity Slides
 
Introducing the SSI eIDAS Legal Report – Ignacio Alamillo
Introducing the SSI eIDAS Legal Report – Ignacio AlamilloIntroducing the SSI eIDAS Legal Report – Ignacio Alamillo
Introducing the SSI eIDAS Legal Report – Ignacio Alamillo
 
Blockchain Bootcamp - Leadership Edition
Blockchain Bootcamp - Leadership EditionBlockchain Bootcamp - Leadership Edition
Blockchain Bootcamp - Leadership Edition
 
#MFSummit2016 Secure: Mind the gap strengthening the information security model
#MFSummit2016 Secure: Mind the gap strengthening the information security model#MFSummit2016 Secure: Mind the gap strengthening the information security model
#MFSummit2016 Secure: Mind the gap strengthening the information security model
 
Impact of digital certificate in network security
Impact of digital certificate in network securityImpact of digital certificate in network security
Impact of digital certificate in network security
 
Impact of digital certificate in network security
Impact of digital certificate in network securityImpact of digital certificate in network security
Impact of digital certificate in network security
 
The implications of blockchain for the insurance industry - Eurapco Peer Semi...
The implications of blockchain for the insurance industry - Eurapco Peer Semi...The implications of blockchain for the insurance industry - Eurapco Peer Semi...
The implications of blockchain for the insurance industry - Eurapco Peer Semi...
 
Blockchains : Risk or Mitigation?
Blockchains : Risk or Mitigation?Blockchains : Risk or Mitigation?
Blockchains : Risk or Mitigation?
 

More from Maganathin Veeraragaloo

Cybersecurity Capability Maturity Model (C2M2)
Cybersecurity Capability Maturity Model (C2M2)Cybersecurity Capability Maturity Model (C2M2)
Cybersecurity Capability Maturity Model (C2M2)Maganathin Veeraragaloo
 
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORKZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORKMaganathin Veeraragaloo
 
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKCYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKMaganathin Veeraragaloo
 
Enterprise security architecture approach
Enterprise security architecture approachEnterprise security architecture approach
Enterprise security architecture approachMaganathin Veeraragaloo
 

More from Maganathin Veeraragaloo (20)

MULTI-CLOUD ARCHITECTURE
MULTI-CLOUD ARCHITECTUREMULTI-CLOUD ARCHITECTURE
MULTI-CLOUD ARCHITECTURE
 
Cloud security (domain11 14)
Cloud security (domain11 14)Cloud security (domain11 14)
Cloud security (domain11 14)
 
Cloud security (domain6 10)
Cloud security (domain6 10)Cloud security (domain6 10)
Cloud security (domain6 10)
 
Cloud Security (Domain1- 5)
Cloud Security (Domain1- 5)Cloud Security (Domain1- 5)
Cloud Security (Domain1- 5)
 
BTABOK / ITABOK
BTABOK / ITABOKBTABOK / ITABOK
BTABOK / ITABOK
 
Observability
ObservabilityObservability
Observability
 
Foresight 4 Cybersecurity
Foresight 4 CybersecurityForesight 4 Cybersecurity
Foresight 4 Cybersecurity
 
Cybersecurity Capability Maturity Model (C2M2)
Cybersecurity Capability Maturity Model (C2M2)Cybersecurity Capability Maturity Model (C2M2)
Cybersecurity Capability Maturity Model (C2M2)
 
CLOUD NATIVE SECURITY
CLOUD NATIVE SECURITYCLOUD NATIVE SECURITY
CLOUD NATIVE SECURITY
 
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORKZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
 
ISO 27005 - Digital Trust Framework
ISO 27005 - Digital Trust FrameworkISO 27005 - Digital Trust Framework
ISO 27005 - Digital Trust Framework
 
ITIL4 - DIGITAL TRUST FRAMEWORK
ITIL4 - DIGITAL TRUST FRAMEWORKITIL4 - DIGITAL TRUST FRAMEWORK
ITIL4 - DIGITAL TRUST FRAMEWORK
 
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKCYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
 
COBIT 2019 - DIGITAL TRUST FRAMEWORK
COBIT 2019 - DIGITAL TRUST FRAMEWORKCOBIT 2019 - DIGITAL TRUST FRAMEWORK
COBIT 2019 - DIGITAL TRUST FRAMEWORK
 
Open Digital Framework from TMFORUM
Open Digital Framework from TMFORUMOpen Digital Framework from TMFORUM
Open Digital Framework from TMFORUM
 
Enterprise security architecture approach
Enterprise security architecture approachEnterprise security architecture approach
Enterprise security architecture approach
 
Cloud and Data Privacy
Cloud and Data PrivacyCloud and Data Privacy
Cloud and Data Privacy
 
XaaS Overview
XaaS OverviewXaaS Overview
XaaS Overview
 
Multi cloud security architecture
Multi cloud security architecture Multi cloud security architecture
Multi cloud security architecture
 
Multi Cloud Architecture Approach
Multi Cloud Architecture ApproachMulti Cloud Architecture Approach
Multi Cloud Architecture Approach
 

Recently uploaded

Call Girls Near Surya International Hotel New Delhi 9873777170
Call Girls Near Surya International Hotel New Delhi 9873777170Call Girls Near Surya International Hotel New Delhi 9873777170
Call Girls Near Surya International Hotel New Delhi 9873777170Sonam Pathan
 
Enhancing Indigenous Peoples' right to self-determination in the context of t...
Enhancing Indigenous Peoples' right to self-determination in the context of t...Enhancing Indigenous Peoples' right to self-determination in the context of t...
Enhancing Indigenous Peoples' right to self-determination in the context of t...Christina Parmionova
 
Action Toolkit - Earth Day 2024 - April 22nd.
Action Toolkit - Earth Day 2024 - April 22nd.Action Toolkit - Earth Day 2024 - April 22nd.
Action Toolkit - Earth Day 2024 - April 22nd.Christina Parmionova
 
High Class Call Girls Mumbai Tanvi 9910780858 Independent Escort Service Mumbai
High Class Call Girls Mumbai Tanvi 9910780858 Independent Escort Service MumbaiHigh Class Call Girls Mumbai Tanvi 9910780858 Independent Escort Service Mumbai
High Class Call Girls Mumbai Tanvi 9910780858 Independent Escort Service Mumbaisonalikaur4
 
13875446-Ballistic Missile Trajectories.ppt
13875446-Ballistic Missile Trajectories.ppt13875446-Ballistic Missile Trajectories.ppt
13875446-Ballistic Missile Trajectories.pptsilvialandin2
 
Earth Day 2024 - AMC "COMMON GROUND'' movie night.
Earth Day 2024 - AMC "COMMON GROUND'' movie night.Earth Day 2024 - AMC "COMMON GROUND'' movie night.
Earth Day 2024 - AMC "COMMON GROUND'' movie night.Christina Parmionova
 
How the Congressional Budget Office Assists Lawmakers
How the Congressional Budget Office Assists LawmakersHow the Congressional Budget Office Assists Lawmakers
How the Congressional Budget Office Assists LawmakersCongressional Budget Office
 
call girls in Punjabi Bagh DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Punjabi Bagh DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️call girls in Punjabi Bagh DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Punjabi Bagh DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️saminamagar
 
history of 1935 philippine constitution.pptx
history of 1935 philippine constitution.pptxhistory of 1935 philippine constitution.pptx
history of 1935 philippine constitution.pptxhellokittymaearciaga
 
(多少钱)Dal毕业证国外本科学位证
(多少钱)Dal毕业证国外本科学位证(多少钱)Dal毕业证国外本科学位证
(多少钱)Dal毕业证国外本科学位证mbetknu
 
call girls in DLF Phase 1 gurgaon 🔝 >༒9540349809 🔝 genuine Escort Service 🔝...
call girls in DLF Phase 1 gurgaon 🔝 >༒9540349809 🔝 genuine Escort Service 🔝...call girls in DLF Phase 1 gurgaon 🔝 >༒9540349809 🔝 genuine Escort Service 🔝...
call girls in DLF Phase 1 gurgaon 🔝 >༒9540349809 🔝 genuine Escort Service 🔝...saminamagar
 
Call Girls Connaught Place Delhi reach out to us at ☎ 9711199012
Call Girls Connaught Place Delhi reach out to us at ☎ 9711199012Call Girls Connaught Place Delhi reach out to us at ☎ 9711199012
Call Girls Connaught Place Delhi reach out to us at ☎ 9711199012rehmti665
 
YHR Fall 2023 Issue (Joseph Manning Interview) (2).pdf
YHR Fall 2023 Issue (Joseph Manning Interview) (2).pdfYHR Fall 2023 Issue (Joseph Manning Interview) (2).pdf
YHR Fall 2023 Issue (Joseph Manning Interview) (2).pdfyalehistoricalreview
 
“Exploring the world: One page turn at a time.” World Book and Copyright Day ...
“Exploring the world: One page turn at a time.” World Book and Copyright Day ...“Exploring the world: One page turn at a time.” World Book and Copyright Day ...
“Exploring the world: One page turn at a time.” World Book and Copyright Day ...Christina Parmionova
 
Precarious profits? Why firms use insecure contracts, and what would change t...
Precarious profits? Why firms use insecure contracts, and what would change t...Precarious profits? Why firms use insecure contracts, and what would change t...
Precarious profits? Why firms use insecure contracts, and what would change t...ResolutionFoundation
 
WORLD CREATIVITY AND INNOVATION DAY 2024.
WORLD CREATIVITY AND INNOVATION DAY 2024.WORLD CREATIVITY AND INNOVATION DAY 2024.
WORLD CREATIVITY AND INNOVATION DAY 2024.Christina Parmionova
 
call girls in Tilak Nagar DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Tilak Nagar DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️call girls in Tilak Nagar DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Tilak Nagar DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️saminamagar
 

Recently uploaded (20)

Call Girls Near Surya International Hotel New Delhi 9873777170
Call Girls Near Surya International Hotel New Delhi 9873777170Call Girls Near Surya International Hotel New Delhi 9873777170
Call Girls Near Surya International Hotel New Delhi 9873777170
 
Enhancing Indigenous Peoples' right to self-determination in the context of t...
Enhancing Indigenous Peoples' right to self-determination in the context of t...Enhancing Indigenous Peoples' right to self-determination in the context of t...
Enhancing Indigenous Peoples' right to self-determination in the context of t...
 
Action Toolkit - Earth Day 2024 - April 22nd.
Action Toolkit - Earth Day 2024 - April 22nd.Action Toolkit - Earth Day 2024 - April 22nd.
Action Toolkit - Earth Day 2024 - April 22nd.
 
High Class Call Girls Mumbai Tanvi 9910780858 Independent Escort Service Mumbai
High Class Call Girls Mumbai Tanvi 9910780858 Independent Escort Service MumbaiHigh Class Call Girls Mumbai Tanvi 9910780858 Independent Escort Service Mumbai
High Class Call Girls Mumbai Tanvi 9910780858 Independent Escort Service Mumbai
 
Hot Sexy call girls in Palam Vihar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Palam Vihar🔝 9953056974 🔝 escort ServiceHot Sexy call girls in Palam Vihar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Palam Vihar🔝 9953056974 🔝 escort Service
 
13875446-Ballistic Missile Trajectories.ppt
13875446-Ballistic Missile Trajectories.ppt13875446-Ballistic Missile Trajectories.ppt
13875446-Ballistic Missile Trajectories.ppt
 
Earth Day 2024 - AMC "COMMON GROUND'' movie night.
Earth Day 2024 - AMC "COMMON GROUND'' movie night.Earth Day 2024 - AMC "COMMON GROUND'' movie night.
Earth Day 2024 - AMC "COMMON GROUND'' movie night.
 
How the Congressional Budget Office Assists Lawmakers
How the Congressional Budget Office Assists LawmakersHow the Congressional Budget Office Assists Lawmakers
How the Congressional Budget Office Assists Lawmakers
 
call girls in Punjabi Bagh DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Punjabi Bagh DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️call girls in Punjabi Bagh DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Punjabi Bagh DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
 
history of 1935 philippine constitution.pptx
history of 1935 philippine constitution.pptxhistory of 1935 philippine constitution.pptx
history of 1935 philippine constitution.pptx
 
(多少钱)Dal毕业证国外本科学位证
(多少钱)Dal毕业证国外本科学位证(多少钱)Dal毕业证国外本科学位证
(多少钱)Dal毕业证国外本科学位证
 
call girls in DLF Phase 1 gurgaon 🔝 >༒9540349809 🔝 genuine Escort Service 🔝...
call girls in DLF Phase 1 gurgaon 🔝 >༒9540349809 🔝 genuine Escort Service 🔝...call girls in DLF Phase 1 gurgaon 🔝 >༒9540349809 🔝 genuine Escort Service 🔝...
call girls in DLF Phase 1 gurgaon 🔝 >༒9540349809 🔝 genuine Escort Service 🔝...
 
Call Girls Connaught Place Delhi reach out to us at ☎ 9711199012
Call Girls Connaught Place Delhi reach out to us at ☎ 9711199012Call Girls Connaught Place Delhi reach out to us at ☎ 9711199012
Call Girls Connaught Place Delhi reach out to us at ☎ 9711199012
 
YHR Fall 2023 Issue (Joseph Manning Interview) (2).pdf
YHR Fall 2023 Issue (Joseph Manning Interview) (2).pdfYHR Fall 2023 Issue (Joseph Manning Interview) (2).pdf
YHR Fall 2023 Issue (Joseph Manning Interview) (2).pdf
 
“Exploring the world: One page turn at a time.” World Book and Copyright Day ...
“Exploring the world: One page turn at a time.” World Book and Copyright Day ...“Exploring the world: One page turn at a time.” World Book and Copyright Day ...
“Exploring the world: One page turn at a time.” World Book and Copyright Day ...
 
9953330565 Low Rate Call Girls In Adarsh Nagar Delhi NCR
9953330565 Low Rate Call Girls In Adarsh Nagar Delhi NCR9953330565 Low Rate Call Girls In Adarsh Nagar Delhi NCR
9953330565 Low Rate Call Girls In Adarsh Nagar Delhi NCR
 
Precarious profits? Why firms use insecure contracts, and what would change t...
Precarious profits? Why firms use insecure contracts, and what would change t...Precarious profits? Why firms use insecure contracts, and what would change t...
Precarious profits? Why firms use insecure contracts, and what would change t...
 
Model Town (Delhi) 9953330565 Escorts, Call Girls Services
Model Town (Delhi) 9953330565 Escorts, Call Girls ServicesModel Town (Delhi) 9953330565 Escorts, Call Girls Services
Model Town (Delhi) 9953330565 Escorts, Call Girls Services
 
WORLD CREATIVITY AND INNOVATION DAY 2024.
WORLD CREATIVITY AND INNOVATION DAY 2024.WORLD CREATIVITY AND INNOVATION DAY 2024.
WORLD CREATIVITY AND INNOVATION DAY 2024.
 
call girls in Tilak Nagar DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Tilak Nagar DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️call girls in Tilak Nagar DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Tilak Nagar DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
 

Development of Digital Identity Systems

  • 1. Development of Digital Identity Systems Presenter: Maganathin Marcus Veeraragaloo Date: 6th July 2017
  • 2. • Context – Digital Transformation / Industry 4.0 • Cyber Security evolution to Digital Security • Identity in a Digital World • Development of Digital Identity Standards • Authentication Protocols • Authentication Technologies • Conclusion Agenda
  • 3. • Context – Digital Transformation / Industry 4.0 • Cyber Security evolution to Digital Security • Identity in a Digital World • Development of Digital Identity Standards • Authentication Protocols • Authentication Technologies • Conclusion Agenda
  • 4. Context – Digital Transformation / Industry 4.0
  • 5. Context – Digital Transformation / Industry 4.0
  • 6. Context – Digital Transformation / Industry 4.0
  • 7. • Context – Digital Transformation / Industry 4.0 • Cyber Security evolution to Digital Security • Identity in a Digital World • Development of Digital Identity Standards • Authentication Protocols • Authentication Technologies • Conclusion Cyber Security is evolving into Digital Security
  • 8. Cyber Security evolution to Digital Security Digital Security Cyber Security Information Security IT Security Physical Security IoT Security OT Security Smart Grid Security Network Perimeter Disappearing Digital Security is the evolution of Cyber Security or The scope of Cyber Security is evolving into Digital Security
  • 9. • Context – Digital Transformation / Industry 4.0 • Cyber Security is evolving into Digital Security • Identity in a Digital World • Development of Digital Identity Standards • Authentication Protocols • Authentication Technologies • Conclusion Agenda
  • 10. Identity in a Digital World Identity
  • 11. • Context – Digital Transformation / Industry 4.0 • Cyber Security evolution to Digital Security • Identity in a Digital World • Development of Digital Identity Standards • Authentication Protocols • Authentication Technologies • Conclusion Agenda
  • 12. Development of Digital Identity Standards NIST Special Publications 800-63 Suite SP-800-63-3 Digital Identity Guidelines SP-800-63-3A Enrollment & Identity Proofing SP-800-63-3B Authentication & Life Cycle Management SP-800-63-3C Federation and Assertions Identity Assurance Level (IAL): the identity proofing process and the binding between one or more authenticators and the records pertaining to a specific subscriber Authenticator Assurance Level (AAL): the authentication process, including how additional factors and authentication mechanisms can impact risk mitigation Federation Assurance Level (FAL): the assertion used in a federated environment to communicate authentication and attribute information to a relying party (RP)
  • 13. • It provides an overview of general identity frameworks; using authenticators, credentials, and assertions together in a digital system; • Organizations can perform a risk assessment, answer a set of functional questions, and, based on their responses, be guided to the most appropriate xAL for their system and users. • Agencies need to look for requirements and ensures that the assessment of risks and the available processes and technologies mitigate that risk and are well aligned. • Align with commercial markets, promote international interoperability, and focus on outcomes (where possible) to promote innovation and deployment flexibility. Development of Digital Identity Standards NIST-800-63-3
  • 14. Development of Digital Identity Standards Digital Identity Model – NIST 800-63-3 ( Digital Identity Guidelines)
  • 15. • Arguably the most difficult part of digital identity: strengthening identity proofing while expanding options for remote and in-person proofing. • Guidelines clarify methods for resolving an identity to a single person and enables RPs to evaluate and determine the strength of identity evidence. • The proofing guidance moves away from a static list of acceptable documents and instead describes “characteristics” for the evidence necessary to achieve each IAL. • Agencies can now pick the evidence that works best for their stakeholders: what matters is the process behind the presentation. • This opens the door for a diverse array of proofing options, including virtual in-person (aka “supervised remote”) and trusted referees (e.g., notaries, Certificate Authorities), and offers clearer guidelines on document checking and address confirmation. Development of Digital Identity Standards Identity Proofing (SP-800-63A)
  • 16. • The new guidelines also enable server-side biometric matching and include a comprehensive set of biometric performance and security requirements. • Biometric sensors are common in the devices that so many users carry daily • Provide guidelines that can prevent unreliable or weak biometric approaches from sneaking their way into digital services. • More options (to include more usable ones) at higher assurance levels. • Changes Too • email as a place to send one-time-passwords (OTPs) • plain old SMS to send OTPs, although SMS is allowable with some risk-based and security measures • “token” talk – it’s now “authenticator” Development of Digital Identity Standards Authentication (SP-800-63B)
  • 17. • Federation is when the RP and IdP are not a single entity or not under common administration. • Federation enables an IdP to proof and authenticate an individual and provide identity assertions that RPs can accept and trust. • Provides greater detail on how assertions should be used, and includes a host of privacy-enhancing requirements that can make federation appealing to users. Development of Digital Identity Standards Federation (SP-800-63C)
  • 18. • Context – Digital Transformation / Industry 4.0 • Cyber Security evolution to Digital Security • Identity in a Digital World • Development of Digital Identity Standards • Authentication Protocols • Conclusion Agenda
  • 19. • OAuth 2.0 enables applications to access resources on behalf of a specific user. This is why the OAuth protocol has a resource server — a policy enforcement point that is likely either an API gateway or a reverse-proxy Web access management (WAM) system. • The OAuth access and resource servers work in concert to provide access to resources via a scope (see the Scopes section) entitlement request by the application. Authentication Protocols • Security Assertion Markup Language 2.0 (SAML 2.0) is a version of the SAML standard for exchanging authentication and authorization data between security domains. • SAML 2.0 is an XML-based protocol that uses security tokens containing assertions to pass information about a principal (usually an end user) between a SAML authority, named an Identity Provider, and a SAML consumer, named a Service Provider. • SAML 2.0 enables web-based authentication and authorization scenarios including cross-domain single sign-on (SSO), which helps reduce the administrative overhead of distributing multiple authentication tokens to the • Connect is about authentication — providing an ID Token for interoperable access to cross-domain relying. • The Connect protocol leaves the policy enforcement to the relying party — just like SAML does.
  • 20. Authentication Protocols • Is a means of expressing specific entities in a system by URL path elements. • REST is not an architecture but it is an architectural style to build services on top of the Web. • REST allows interaction with a web-based system via simplified URLs rather than complex request body or POST parameters to request specific items from the system. • REST stands for Representational State Transfer. It relies on a stateless, client- server, cacheable communications. In most cases it is used with the HTTP protocol. • JavaScript Object Notation or JSON (/ˈdʒeɪsən/ JAY-sən), is an open-standard file format that uses human-readable text to transmit data objects consisting of attribute–value pairs and array data types (or any other serializable value). ... JSON is a language-independent data format.
  • 23. • Context – Digital Transformation / Industry 4.0 • Cyber Security evolution to Digital Security • Identity in a Digital World • Development of Digital Identity Standards • Authentication Protocols • Authentication Technologies • Conclusion Agenda
  • 24. Authentication Technologies Blockchain and Digital Signatures • Usually a digital signature is made using the private key of the owner. Whoever wants to verify the signature can do so using the corresponding public key. • Suppose a company wants to accept Bitcoins for its trades. Now, because of security reasons, the company would not want that only a single employee will have access to the company's Bitcoin wallet's password. Any transaction should need approval from more than one employees of the company. A multi- signature address is created for that purpose.
  • 25. Authentication Technologies Blockchain and Digital Signatures…continued • A multi-signature address is an address associated with more than one Elliptic Curve Digital Signature Algorithm (ECDSA) private keys. So, in an m-of-n address, when a Bitcoin address is generated, it is associated with n private keys. And, at least m private keys will be required to make a transaction possible. • This concept can be used in making digital signatures. One can create a multi-signature m-of-n address using n private keys and use that to record digital signature of documents in a blockchain. Anyone can verify the digital signature using public keys, but to make the digital signature one would need at least m private keys, out f n private keys associated with the multi-signature address.
  • 26. Authentication Technologies Public Key Infrastructure - Digital Signatures • When two hosts want to transfer sensitive data between them, they use an encrypted communication. Both the hosts first connect to each other, authenticate themselves and after that an encrypted connection is established, using which sensitive data are transferred. • If a host wants to authenticate itself to the other host, it needs to prove its identity. Normally, public key cryptography is used for that purpose. Each host possesses a private-public key pair. And, to establish an encrypted connection, they share their public keys to each other. • But, one has to confirm that the shared public key indeed belongs to the sender. Public Key Infrastructure or PKI is an arrangement which is used for that purpose. It binds public keys with corresponding identities through registration and issuance of certificates and using centralized authority called Certificate Authority or CA. PKI consists of set of roles, policies and procedures to create, manage, distribute or revoke digital certificates.
  • 27. Authentication Technologies Public Key Infrastructure - Digital Signatures • Certificate Authority - A Certificate Authority issues a digital certificate to an entity. The issued digital certificate is signed with the private key of the CA, so that it is not tampered with. When a host gets a digital certificate of another host, it checks with the corresponding CA to make sure it is an authentic one. • Registration Authority - When an entity requests for a digital certificate, the Registration Authority verifies the identity of the entity to make sure the digital certificate is not mis-issued. • Central Directory - A Central Directory is a central location where public keys are stored and indexed, so that they can be retrieved at the time of verification of digital certificates. • Certificate Management System - A Certificate Management System manages access to stored certificates and the delivery of the certificates to be issued. • Certificate Policy - It consists of policies of digital certificates.
  • 30. • Context – Digital Transformation / Industry 4.0 • Cyber Security evolution to Digital Security • Identity in a Digital World • Development of Digital Identity Standards • Authentication Protocols • Authentication Technologies • Conclusion Agenda