FIDO2 & Microsoft
Anthony Nadalin, Microsoft
https://docs.microsoft.com/en-us/microsoft-edge/dev-guide/windows-integration/web-authentication
Windows Hello
Password-less authentication
User-friendly experience
Enterprise-grade security
47M active Windows Hello users
6.5K enterprises have deployed Windows Hello for Business
350% growth in biometric capable computers
FIDO2 roadmap
SPRING 2018: FIDO2 private preview began
JULY 2018: WebAuthn support available to Windows 10 Insiders
OCTOBER 2018: Self-provisioned keys for MSA; Windows 10 October 2018 Update
JANUARY 2019: FIDO2 for Azure AD accounts, public preview begins; admin controls; end-user self-provisioning
Azure AD portal: Wingtiptoys – Azure AD Security
Home > Authentication methods > Authentication methods

Navigation: Getting started; Usage and insights; Registration settings; Allowed methods; Documentation
MANAGE: Authentication methods; Password protection (Preview)
ACTIVITY: Audit logs
TROUBLESHOOTING + SUPPORT: Troubleshoot; New support request

Allowed methods (Save / Discard)

METHOD                                   TARGET      ENABLED
Password                                 All users   Yes
Phone call                               All users   Yes
Text message                             1 group     Yes
Microsoft Authenticator app                          No
Verification code – authenticator app                No
Verification code – hardware token                   No
Windows Hello                                        No
FIDO                                                 No
PIN                                                  No
Email address                                        No
Security questions                       5 groups    Yes
FIDO2 Security Keys (settings panel; Save / Discard)

ENABLE: Yes / No
TARGET USERS: All users / Select users
    NAME: + add users and group
REGISTRATION: Required
CONFIGURE
    Allow self-service set-up for groups: Yes / No
    Enforce Attestation: Yes / No
KEY RESTRICTION POLICY
    Enforce key restrictions: Yes / No
    Restrict specific keys: Allow / Block
    + add AAGUID
Manage security keys
    Manual set-up: Yes / No
    All users / Select users
Add users and groups (dialog)
Search by name or email address: Pilot
No users selected
OK / Cancel
Add users and groups (dialog)
Search by name or email address: Pilot group
Search results:
    Pilot group (Pilotgroup@wingtiptoys.com)
    Pilot group corp (pilotgrpcorp@wingtiptoys.com)
    Pilot group NYC (pilotgrpmkt@wingtiptoys.com)
No users selected
OK / Cancel
Add users and groups (dialog)
Search by name or email address: Pilot group
Selected: Pilot group (Pilotgroup@wingtiptoys.com)
OK / Cancel
Select users: Pilot group
Sign-in flow: FIDO2 security key, Windows 10 device, Azure AD

1. User plugs FIDO2 security key into computer
2. Windows detects FIDO2 security key
3. Windows device sends auth request
4. Azure AD sends back nonce
5. User completes gesture to unlock private key stored in security key's secure enclave
6. FIDO2 security key signs nonce with private key
7. PRT token request with signed nonce is sent to Azure AD
8. Azure AD verifies FIDO key
9. Azure AD returns PRT and TGT to enable access to on-premises resources
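
The nonce challenge-response in steps 3 to 9, together with the AAGUID key restriction policy from the settings panel, as an added example that is not part of the original slides and is not Microsoft's code. The class names, the constructed AAGUIDs and the opaque token standing in for the PRT are assumptions; the key signs the bare nonce as the slide states, whereas a real WebAuthn assertion signs authenticator data plus the hash of the client data that carries the challenge.

```javascript
const crypto = require('node:crypto');

// Constructed sample AAGUIDs (authenticator model identifiers); not real products.
const AAGUID_APPROVED = '11111111-2222-3333-4444-555555555555';
const AAGUID_UNAPPROVED = 'aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee';

// Hypothetical stand-in for a FIDO2 security key: the private key stays inside it.
class SecurityKey {
  constructor(aaguid) {
    this.aaguid = aaguid;
    const pair = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
    this.publicKey = pair.publicKey;
    this.privateKey = pair.privateKey;
  }
  // Steps 5-6: sign only after the user gesture (PIN or biometric) succeeds.
  signNonce(nonce, gestureCompleted) {
    if (!gestureCompleted) throw new Error('user gesture required');
    return crypto.sign('sha256', nonce, this.privateKey);
  }
}

// Hypothetical stand-in for the identity provider (Azure AD in the slides).
class IdentityProvider {
  constructor(policy, nonceTtlMs = 60000) {
    this.policy = policy;           // { enforce, mode: 'allow' | 'block', aaguids: [] }
    this.nonceTtlMs = nonceTtlMs;
    this.credentials = new Map();   // user -> { publicKey, aaguid }
    this.pendingNonces = new Map(); // nonce (hex) -> expiry timestamp in ms
  }
  // Key restriction policy: an allow list or a block list of AAGUIDs.
  aaguidPermitted(aaguid) {
    if (!this.policy.enforce) return true;
    const listed = this.policy.aaguids.includes(aaguid);
    return this.policy.mode === 'allow' ? listed : !listed;
  }
  // Registration stores only the public key and the key model identifier.
  register(user, key) {
    if (!this.aaguidPermitted(key.aaguid)) return false;
    this.credentials.set(user, { publicKey: key.publicKey, aaguid: key.aaguid });
    return true;
  }
  // Step 4: send back a fresh random nonce and remember when it expires.
  issueNonce(now = Date.now()) {
    const nonce = crypto.randomBytes(32);
    this.pendingNonces.set(nonce.toString('hex'), now + this.nonceTtlMs);
    return nonce;
  }
  // Steps 7-9: check the signed nonce, then hand out a token (PRT stand-in).
  redeem(user, nonce, signature, now = Date.now()) {
    const id = nonce.toString('hex');
    const expiry = this.pendingNonces.get(id);
    this.pendingNonces.delete(id); // single use, even when verification fails
    if (expiry === undefined) return { ok: false, reason: 'unknown or replayed nonce' };
    if (now > expiry) return { ok: false, reason: 'nonce expired' };
    const cred = this.credentials.get(user);
    if (!cred) return { ok: false, reason: 'no registered key' };
    // Re-check the policy at sign-in so a later block applies to existing keys.
    if (!this.aaguidPermitted(cred.aaguid)) return { ok: false, reason: 'key model not permitted' };
    if (!crypto.verify('sha256', nonce, cred.publicKey, signature)) {
      return { ok: false, reason: 'bad signature' };
    }
    return { ok: true, token: crypto.randomBytes(16).toString('hex') };
  }
}

// One complete sign-in: request nonce, sign on the key, redeem at the provider.
function signIn(idp, user, key, gestureCompleted = true) {
  const nonce = idp.issueNonce();
  const signature = key.signNonce(nonce, gestureCompleted);
  return idp.redeem(user, nonce, signature);
}

function runDemo() {
  const idp = new IdentityProvider({ enforce: true, mode: 'allow', aaguids: [AAGUID_APPROVED] });
  const key = new SecurityKey(AAGUID_APPROVED);
  const registered = idp.register('alice', key);
  const rejected = idp.register('bob', new SecurityKey(AAGUID_UNAPPROVED));
  const first = signIn(idp, 'alice', key);
  // Replay: redeem the same signed nonce twice.
  const nonce = idp.issueNonce();
  const signature = key.signNonce(nonce, true);
  idp.redeem('alice', nonce, signature);
  const replay = idp.redeem('alice', nonce, signature);
  return { registered, rejected, signedIn: first.ok, replayReason: replay.reason };
}

console.log(runDemo());
```
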

Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 

Microsoft's Implementation Roadmap for FIDO2

  • 8. Password-less authentication; user-friendly experience; enterprise-grade security. 47M active Windows Hello users; 6.5K enterprises have deployed Windows Hello for Business; 350% growth in biometric capable computers.
  • 9. Timeline. Spring 2018: FIDO2 private preview began. July 2018: WebAuthn support available to Windows 10 Insiders. October 2018: self-provisioned keys for MSA; Windows 10 October 2018 Update.
  • 10. Timeline. Spring 2018: FIDO2 private preview began. July 2018: WebAuthn support available to Windows 10 Insiders. October 2018: self-provisioned keys for MSA; Windows 10 October 2018 Update. January 2019: public preview begins; FIDO2 for Azure AD accounts; admin controls; end-user self-provisioning.
  • 11. Portal screenshot: Wingtiptoys – Azure AD Security, Home > Authentication methods > Authentication methods. Side menu: Getting started; Usage and insights; MANAGE: Authentication methods, Password protection (Preview); ACTIVITY: Audit logs; TROUBLESHOOTING + SUPPORT: Troubleshoot, New support request. Tabs: Allowed methods, Registration settings, Documentation. Buttons: Save, Discard. Allowed methods (METHOD / TARGET / ENABLED; some rows marked "= Recommended"):
      - Password / All users / Yes
      - Phone call / All users / Yes
      - Text message / 1 group / Yes
      - Microsoft Authenticator app / No
      - Verification code – authenticator app / No
      - Verification code – hardware token / No
      - Windows Hello / No
      - FIDO / No
      - PIN / No
      - Email address / No
      - Security questions / 5 groups / Yes
  • 12. Same Authentication methods page and method list as slide 11 (REQUIRE REGISTRATION view), with the FIDO2 Security Keys panel open. ENABLE: Yes / No. TARGET USERS: All users / Select users. NAME: + add users and group. CONFIGURE REGISTRATION: Required. Manage security keys; Manual set-up. Allow self-service set-up for groups: Yes / No. Enforce Attestation: Yes / No. KEY RESTRICTION POLICY: Enforce key restrictions: Yes / No; Restrict specific keys: Allow / Block; + add AAGUID. Buttons: Save, Discard.
  • 13. Same page and FIDO2 Security Keys panel as slide 12. ENABLE: Yes / No. TARGET USERS: All users / Select users. Allow self-service set-up for groups: Yes / No. Enforce Attestation: Yes / No. KEY RESTRICTION POLICY: Enforce key restrictions: Yes / No; Restrict specific keys: Allow / Block; + add AAGUID.
  • 14. Same page and FIDO2 Security Keys panel as slide 12, with TARGET USERS set to Select users and "No users selected …" shown. Allow self-service set-up for groups: Yes / No. Enforce Attestation: Yes / No. KEY RESTRICTION POLICY: Enforce key restrictions: Yes / No; Restrict specific keys: Allow / Block; + add AAGUID.
  • 15. Same page and FIDO2 Security Keys panel as slide 12 ("No users selected …"), with the "Add users and groups" dialog open: "Search by name or email address" box containing "Pilot"; buttons Search, OK, Cancel.
  • 16. Same page and "Add users and groups" dialog as slide 15, searching for "Pilot group". Results: Pilot group (Pilotgroup@wingtiptoys.com); Pilot group corp (pilotgrpcorp@wingtiptoys.com); Pilot group NYC (pilotgrpmkt@wingtiptoys.com).
  • 17. Same page and "Add users and groups" dialog as slide 15, with Pilot group (Pilotgroup@wingtiptoys.com) selected; buttons OK, Cancel.
  • 18. Same page and FIDO2 Security Keys panel as slide 12, with TARGET USERS set to Select users and "Pilot group …" shown. Allow self-service set-up for groups: Yes / No. Enforce Attestation: Yes / No. KEY RESTRICTION POLICY: Enforce key restrictions: Yes / No; Restrict specific keys: Allow / Block; + add AAGUID.
  • 30. Sign-in flow diagram (FIDO2 security key, Windows 10 device, Azure AD):
      1. User plugs FIDO2 security key into computer
      2. Windows detects FIDO2 security key
      3. Windows device sends auth request
      4. Azure AD sends back nonce
      5. User completes gesture to unlock private key stored in security key's secure enclave
      6. FIDO2 security key signs nonce with private key
      7. PRT token request with signed nonce is sent to Azure AD
      8. Azure AD verifies FIDO key
      9. Azure AD returns PRT and TGT to enable access to on-premises resources
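
The nonce steps of slide 30 (server issues a nonce, the key signs it after a user gesture, the server verifies) as an added example; it is not code from the deck or from Microsoft. `makeSecurityKey`, `makeServer` and `demo` are hypothetical names, the key pair is generated in software for the demo, and the signed message is the bare nonce as on the slide, whereas a real WebAuthn assertion signs more than the nonce.

```javascript
const nodeCrypto = require('crypto');

// Stand-in for the security key: the private key stays inside this closure
// (constructed in software for the demo; a real key keeps it in hardware).
function makeSecurityKey() {
  const { publicKey, privateKey } =
    nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  return {
    publicKey, // what the server stores at registration
    // Steps 5-6: refuse to sign unless the user gesture succeeded.
    sign(nonce, gestureOk) {
      if (!gestureOk) throw new Error('user gesture required');
      return nodeCrypto.sign('sha256', nonce, privateKey);
    },
  };
}

// Stand-in for the identity provider (hypothetical, not Azure AD's API).
function makeServer(registeredPublicKey) {
  const outstanding = new Set(); // nonces issued and not yet redeemed
  return {
    // Step 4: fresh random nonce per sign-in attempt.
    issueNonce() {
      const nonce = nodeCrypto.randomBytes(32);
      outstanding.add(nonce.toString('hex'));
      return nonce;
    },
    // Step 8: a nonce is single-use, then the signature must match
    // the public key registered for this user.
    verify(nonce, signature) {
      if (!outstanding.delete(nonce.toString('hex'))) return false;
      return nodeCrypto.verify('sha256', nonce, registeredPublicKey, signature);
    },
  };
}

// Runs the exchange once, then shows the two failure cases a verifier
// must reject: a replayed response and a signature from another key.
function demo() {
  const key = makeSecurityKey();
  const server = makeServer(key.publicKey);

  const nonce = server.issueNonce();
  const signature = key.sign(nonce, true);
  const first = server.verify(nonce, signature);
  const replay = server.verify(nonce, signature);

  const otherKey = makeSecurityKey();
  const nonce2 = server.issueNonce();
  const wrongKey = server.verify(nonce2, otherKey.sign(nonce2, true));
  return { first, replay, wrongKey };
}
```

`demo()` returns the verifier's decision for each case; only the first, fresh response from the registered key is accepted.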