fido and strong authentication in us federal government

Upload: fido-alliance

Post on 15-Apr-2017

478 views

Category:

Technology

1 download

Report

Download

Embed Size (px):

TRANSCRIPT

Page 1: FIDO and Strong Authentication in US Federal Government

#FIDOseminar

FIDO & STRONG AUTHENTICATION IN US FEDERAL GOVERNMENT

Paul Grassi, Senior Standards and Technology Advisor, NIST

Page 2: FIDO and Strong Authentication in US Federal Government

Strong Authentication and US Digital Services

Page 3: FIDO and Strong Authentication in US Federal Government

–Dr. Andy Ozment

“…encryption would not have helped…”

Page 4: FIDO and Strong Authentication in US Federal Government

Privacy Enhancing & Voluntary

Secure & Resilient

Interoperable

Cost-Effective & Easy to Use

Page 5: FIDO and Strong Authentication in US Federal Government

USG Use Cases

?M-05-24

Page 6: FIDO and Strong Authentication in US Federal Government

Page 7: FIDO and Strong Authentication in US Federal Government

relevant efforts @ NIST

Page 8: FIDO and Strong Authentication in US Federal Government

strength of authentication (SOFA)https://pages.nist.gov/SOFA

https://pages.nist.gov/SOFA

Page 9: FIDO and Strong Authentication in US Federal Government

Page 10: FIDO and Strong Authentication in US Federal Government

Authenticator Assurance Level 3(formerly known as LOA4)

AAL 3 is intended to provide the highest practical remote network authentication assurance. Authentication at AAL 3 is

based on proof of possession of a key in a physical authenticator through a cryptographic protocol. AAL 3 is similar to AAL 2 except that only hardware cryptographic

authenticators (in conjunction with a memorized secret for single-factor cryptographic devices) and multi-factor OTP

devices are allowed. The authenticator SHALL be a hardware cryptographic module validated at Federal Information

Processing Standard (FIPS) 140 Level 2 or higher overall (Level 1 for single-factor authenticators) with at least FIPS

140 Level 3 physical security.

Page 11: FIDO and Strong Authentication in US Federal Government

always supported

Page 12: FIDO and Strong Authentication in US Federal Government

newly supported

Page 13: FIDO and Strong Authentication in US Federal Government

STRONG AUTHENTICATION ... NO PASSWORDS

FIDO Authentication Opportunities in Healthcare

Bio-Authentication (FIDO) and PKI Trends in Korea

Defeating Pass-the-Hash - Black Hat | Home Have the Technology •Multi-Factor Authentication •Stealing one credential isn’t enough. •Strong Credentials •Smart cards, FIDO

NIST 800-63 Guidance & FIDO Authentication

Response to the European Banking Authority (EBA ... · Response to EBA DP on Future RTS on Strong Customer Authentication and Secure Communication Under PSD2 ©FIDO Alliance 2016

Strong authentication implementation guide

An Industry Roadmap for Open Strong Authentication€¦ · An Industry Roadmap for Open Strong Authentication 5 Universal Strong Authentication for Users and Devices The strength—that

Federation - FIDO Alliance - Open Authentication Standards ... · Federation Jerrod Chong, VP Solutions. 2 ... Strong authentication not always tied to identity of user FIDO authentication

FIDO and beyond - where authentication meets identification … · introduction into regular PT operation •Mobile Applications & Test FIDO Alliance. AUthentication Open eID / PA

FIDO & PSD2 - FIDO Alliance - Open Authentication ... · FIDO&PSD2 - Providing for a satisfactory customer journey ©FIDO Alliance 2018 Page 3 3 The different authentication models

Strong User Authentication Mechanisms

Expected Use Cases of FIDO authentication in Social Apps in Jap… · Status of FIDO in Japan What’s happening in Japan. FIDO Japan WG: Mission and Activities FJ-Deployment

Solution Focus Area FIDO* Support on Intel® Platforms...New strong authentication standards from the FIDO Alliance—combined with passwordless solutions from vendors—can simplify

FIDO Modern Authentication - Crypto Vision · FIDO –Modern Authentication 4 Password Problem Hacked from databases Re-used across sites Ill-suited for mobile devices Phished Key

FIDO, PKI & beyond: Where Authentication Meets Identification

FIDO Alliance: Standards-based Solutions for Simpler, Strong … · 2019-01-23 · FIDO Alliance: Standards-based Solutions for Simpler, Strong Authentication ... FIDO Standards FIDO

Ultra-strong authentication to protect network …...Ultra-strong authentication to protect network access and assets ESET Secure Authentication provides powerful authentication to

Ultra-strong authentication to protect network access and ... · Ultra-strong authentication to protect network access and assets ESET Secure Authentication provides powerful authentication

Strong Authentication for Physical Access using Mobile … · Strong Authentication for Physical Access using Mobile Devices ... Need for Strong Authentication for Physical Access

TALE OF ONTENTS - FIDO Alliance · authentication methods. Risk-based authentication allows businesses to optimize their use of authentication methods that could introduce additional

Introduction to FIDO: A New Model for Authentication

Introduction to Strong Authentication

FIDO Authentication: Its Evolution and Opportunities in Business -FIDO Alliance -Tokyo Seminar -Gomi

Strong password authentication with AKA authentication

Strong Authentication Plan

Introduction to FIDO Authentication

Strong Authentication for Payments

Protecting IDAAS with FIDO Authentication

Strong Authentication with PKI

Authentication and Strong Authentication in Web Applications

Identity Tech Talks #3 FIDO futur of authentication

FIDO, Strong Authentication and elD in Germany

FIDO and the Future of Simpler and Stronger Authentication...Dr. Andrea Höller Infineon Technologies Austria AG FIDO and the Future of Simpler and Stronger Authentication RISE Spring