1
FIDO and beyond - where authentication meets identification
Dr. Kim Nguyen, Fellow (Bundesdruckerei), Managing Director (D-Trust)
CA Day, Berlin, 2016-09-19
2
Agenda
What is FIDO?
News from the FIDO Alliance
Projects in Germany
3
THE TWO FLAVOURS OF FIDO: UAF / U2F
Login with device and biometrics
Advantage: No specific PIN/Password
Source: https://fidoalliance.org/specifications/overview/
4
THE TWO FLAVOURS OF FIDO: UAF / U2F
Login with Password and second factor
Advantage: Login with "easy" password and second factor
Source: https://fidoalliance.org/specifications/overview/
5
TECHNICAL REALIZATION (REGISTRATION): UAF
Source: https://fidoalliance.org/specifications/overview/
6
TECHNICAL REALIZATION (LOGIN): UAF
Source: https://fidoalliance.org/specifications/overview/
7
Agenda
What is FIDO?
News from the FIDO Alliance
Projects in Germany
8
Status Update
EMVCo liaison established
eBay joined FIDO and provides open source FIDO authentication server
Strong liaison with W3C to integrate FIDO 2.0 spec
FIDO U2F transport spec expanded to BLE and ISO 14443/NFC
Microsoft announced deep integration of FIDO 2.0 in Windows 10
Mozilla prepares for FIDO U2F integration in Q3/2016
9
Google paper on usage of U2F
10
Google paper on usage of U2F
11
Agenda
What is FIDO?
News from the FIDO Alliance
Projects in Germany
12
NFC-INITIATIVE OF THE FEDERAL GOVERNMENT
NFC-Initiative for kick-off and coordination of all lines of action for an open eco system
− Founded 2013 based on a proposal by BSI and VDV ETS
− Strategic project to establish open eco systems
Steering Group at Ministerial level
− BMI: Mr. Hildebrandt
− BMWi: Dr. Sandl
− BSI: Mr. Kowalski
− BMVI: Mr. Hartwig
− VDV ETS: Mr. Janssen
Marketing
•Use Cases, Proof-of-concept
Standardization
NFC-Forum NFC interface
CEN TC278, ISO TC204 Public Transport Infrastructure
Interop, Security
G&D, TUD,
BSI
PT System
VDV ETS, VU
2FA / FIDO
•BDR
Promotion of open eco systems (“IT-Gipfel”, “Digitale Agenda”)
Support the introduction into regular PT operation
GSMA Mobile Applications & Test
FIDO Alliance Open Authentication
Open eID / PA
•BDr, BSI
Evaluation, Plugfest
Requirements Analysis
Research and Development
13
Stakeholders
Definition of an open eco system requires cooperation of all relevant stakeholders:
− eID-Service Provider: D-Trust, Governikus
− National PT system: VDV ETS
− Public Transport Associations: VBB/BVG, Rheinbahn
− Mobile device manufacturers: Samsung, Sony
− Research Partners: Technical University Dresden
− eID Technology Provider: Bundesdruckerei, Giesecke & Devrient, Governikus, Infineon Technologies, NXP Semiconductors
− MNOs: Deutsche Telekom, Vodafone, Telefonica
System Vendors
Service platform German Federal print,
T-Systems, Giesecke & Devrient
KAPRION
− Standardization, Certification: BSI, NFC Forum
All relevant groups of stakeholders on board
14
Focus on the entire life cycle
Creation / maintenance personal account
Mobile identity management
The customer expects the entire “Mobile service life cycle”
15
Hierarchical concept for ID-management
A combination of the German eID-card and FIDO
16
Examples from Germany
© Bernd Kowalski, BSI, 2016
17
Examples from Germany
© Bernd Kowalski, BSI, 2016
18
BRIDGING THE WORLDS
FIDO
Governmental eID Solutions
With officially verified ID
Bridging the worlds offers advantages for both users and relying parties
e.g. German eID
19
BRIDGING THE WORLDS
FIDO
Governmental eID Solutions
With officially verified ID
Bridging the worlds offers advantages for both users and relying parties
eIDAS notified eIDs
20
SUMMARY
FIDO offers a new user-friendly approach to authentication – FIDO is the future
FIDO can be combined easily with (ID based) identification mechanisms – bridging two worlds
eIDAS offers an eco system of (notified) eIDs within Europe; FIDO would be an ideal complementary offer to this in terms of derived IDs
21
Thank you very much for your attention!