A QUESTION OF SCALE
Mapping Authentication to the Modern Computing Ecosystem
Rajiv Dholakia
VP Products, Nok Nok Labs
THE HUMBLE IGNITION KEY
NOK NOK LABS 2
THINGS ARE CHANGING
First Steps Next Steps
Sony 77 M
Evernote 60 M
Rockyou 32 M
LinkedIn 6.5 M
Yahoo 450 K
Twitter 56 K
Attacks
Apple
Evernote
Facebook
Twitter
Google
?
Convenience, Security,
Personalization
A KEY INSIGHT – GATEWAY TO USER EXPERIENCE
ABOUT DESIGN, DELIGHT & DOLLARS (ALSO RISK, REGULATION & REPUTATION)
Authentication is the “Ignition Key”
HOW ARE WE DOING?
USERS FRUSTRATED
•  25 ACCOUNTS
•  8 LOGINS / DAY
•  6.5 PASSWORDS
ORGANIZATIONS OVERWHELMED
•  $7.2M / DATA BREACH
•  $15 / PASSWORD RESET
•  $50-120+ / TOKEN
ECOSYSTEMS INHIBITED
•  FRAGMENTED
•  INFLEXIBLE
•  FRICTION EVERYWHERE
THE AUTHENTICATION TOWER OF BABEL
Silos, proprietary, privacy, reliance on 3rd party, tolls
IMPLEMENTATION CHALLENGE
A PLUMBING PROBLEM: SHADES OF RUBE GOLDBERG…
[Diagram labels: Organizations, Applications, Authentication Methods; RP 1, App 1, App 2, New App; Silo 1, Silo 2, Silo 3, Silo N]
THE RESULTING REALITY
“AUTHENTICATION IS … EXPENSIVE TO IMPLEMENT, IT'S HARD TO USE, IT'S TOO EASY TO SUBVERT OR CIRCUMVENT AND IT FAILS MORE AND MORE FREQUENTLY, AND MORE AND MORE SPECTACULARLY IN TODAY'S INCREASINGLY RISKY ELECTRONIC ENVIRONMENT.”
GARTNER: MAVERICK TECHNOLOGY
DESIGN CONSIDERATIONS…
TODAY’S WORLD:
DIVERSE, DISTRIBUTED, DYNAMIC
75% OF THE DIGITAL UNIVERSE CREATED, CAPTURED OR REPLICATED IN THE CLOUD
3.1 TRILLION HARD DRIVES WORTH OF DATA CONSUMED DAILY IN THE US
US ECOMMERCE PROJECTED AT $325BN BY 2015
No single solution will work across all use cases
1.8 BN MOBILE PHONES/YEAR
200 MN TABLETS/YEAR
PONEMON-NNL RESEARCH
•  New & exclusive research, featuring 1,924 consumers:
•  US: 754
•  UK: 569
•  Germany: 601
•  Covers experiences, perceptions & preferences for identity and authentication technology
•  First annual report, covering trends, perceptions and attitudes to online authentication
•  Research undertaken by the Ponemon Institute & sponsored by Nok Nok Labs, Inc.
PONEMON-NOK NOK STUDY
DIVERSITY RULES IN END-USER COMMUNITIES – PROMISE IN MOBILE
RETIRING PASSWORDS
Identity Services
A SYSTEMS PROBLEM (not technology)
Physical-to-Digital Identity
User Management
Authentication
Federation
Single Sign-On
THE OTHER HALF OF THE EQUATION
STRONG AUTH
PASSWORDS
SSO/FEDERATION
Recreated PMS
First Mile Second Mile
SAML
OpenID
A PEEK INTO MODERN AUTHENTICATION
IMPLICIT AUTHENTICATION
EXPLICIT AUTHENTICATION
THE ONLY WAY TO WIN AGAINST MALWARE – SECURE HARDWARE
[Diagram labels: User Space, Secure Hardware; Auth SDK, UX Layer (Input, Display), Crypto Layer; columns: No Secure HW, Secure Crypto + Storage, Secure Execution Environment]
SOLUTION PATTERNS – WHICH WILL PREVAIL?
User-Centric
“Trust-Me-Me-Me”
Relationship-Centric
Regulation-Centric
Towards Solutions & Building Blocks
THE REALITY
AUTHENTICATION that’s...
SIMPLE
STRONG
Aspirational Goal
ADDRESS USABILITY & DIVERSITY
Usability
•  No passwords
•  Existing devices
•  Flexible authentication
Drives
Usage
•  Engagement
•  Completed transactions
•  Security compliance
Aspirational Goal
UNIFIED STANDARDS & AUTHENTICATION AGILITY
ANY DEVICE. ANY APPLICATION. ANY AUTHENTICATOR.
[Diagram labels: Organizations, Applications, Authentication Methods; RP 1, App 1, App 2, New App; UNIFIED STANDARDS]
Aspirational Goal
EFFORTS UNDERWAY
• Platform specific efforts (Microsoft, Apple, Android…)
• Secure Silicon Efforts
- TCG-TPM (Trusted Computing Group)
- Intel IPT (Identity Protection Technology)
- Secure Element (GlobalPlatform)
- Others…
• New and Noteworthy:
- Trusted Execution Environment (Global Platform)
- The FIDO (Fast Identity Online) Alliance
GOAL: SIMPLER, STRONGER AUTH
INTERNET SERVICES, COMPONENT & DEVICE VENDORS, SOFTWARE & STACKS
KEY IDEAS BEHIND FIDO
• Leverage simple but strong local authentication
- User authenticates locally to Client Device
- Device authenticates to the Server
• Focus of Standardization:
- “Pluggable” local authentication (USB, Biometrics, TPM/Pin…) interfaces
- The online crypto protocols used to authenticate to the server
• Allow business appropriate and risk appropriate choice
http://www.fidoalliance.org
TAKEAWAYS FROM THIS TALK
1.  Authentication is the “Ignition Key” to design, delight, & dollars
2.  Passwords don’t scale up (to the cloud) or down (to mobile devices) – a system solution is needed
3.  Diversity & heterogeneity will rule…no one size fits all
4.  Authentication is the “first mile”, Federation is the “second mile”
5.  Modern Authentication = Explicit + Implicit
6.  Competing solution patterns – pick carefully
7.  Get involved:
•  Advocate for standards as building blocks – think of what SSL did for you
•  Educate yourself about emerging authentication technology
•  Re-think your authentication strategy
•  Pilot some of the emerging technology
FOR MORE INFORMATION
•  FIDO alliance
•  An alliance to simplify authentication
•  http://www.fidoalliance.org
•  Global Platform
•  http://www.globalplatform.org
•  Nok Nok Labs – pioneering FIDO standards implementations
•  Brainstorm, Demonstration, Evaluation, Webinar
•  Ponemon-Nok Nok Labs Report
•  rajiv@noknok.com or info@noknok.com
•  http://www.noknok.com
