risk-appropriate authentication – a vision of tomorrow

Per Hägerö, CTO

risk-appropriate authentication?

What are your options?

Something only you know (hopefully)
  KBA: Lexical
  KBA: Graphical

Something you hold
  Token: OTP
  Token: PKI
  Token: OOB

Something you are
  Biometrics: Biological
  Biometrics: Behavioral

Risk levels (NIST SP 800-63-1)

[Figure: scale of four risk levels: High, Medium, Low, Minimal. Authentication methods plotted against the scale: PKI, OTP, OOB, Lexical.]

is it that easy?

NO!

There are a number of needs and constraints you need to consider
  Who are you authenticating?
  Where are they?
  What will they use it for?
  What end-points are they using?
  Are there any regulations?
  What is the available budget?
  What is the risk?
  Others?

all set?

not yet…

consider the aspect of identity proofing

≤ 100 %

[Diagram, built up over three slides, with the labels: IDENTITY PROOFING, IDENTITY ASSURANCE, AUTHENTICATION]

[Diagram labels: Considerations; Assurance; Adjacent needs; Ease-of-use; TCO]

trends
  ease of use
  less is more
  user centric
  authenticate once
  layered approach

What's up at Nexus Labs?

Risk Appropriate Authentication External