" iot authentication for emergency & offline payment during earthquake, power disruption,...
TRANSCRIPT
![Page 1: " IoT Authentication for Emergency & Offline Payment during Earthquake, Power Disruption, Typhoon” Unho Choi, Ph.D. UNHCR PKI (ITU X.509) for On-line &](https://reader030.vdocuments.site/reader030/viewer/2022032800/56649d345503460f94a0a488/html5/thumbnails/1.jpg)
"IoT Authentication for Emergency & Offline Payment
during Earthquake, Power Disruption, Typhoon”
Unho Choi, Ph.D. UNHCR
PKI (ITU X.509) for On-line & Off-line
![Page 2: " IoT Authentication for Emergency & Offline Payment during Earthquake, Power Disruption, Typhoon” Unho Choi, Ph.D. UNHCR PKI (ITU X.509) for On-line &](https://reader030.vdocuments.site/reader030/viewer/2022032800/56649d345503460f94a0a488/html5/thumbnails/2.jpg)
Offline e-Gov. + Disaster Situation
International Donation ?UNHCR Cash ?Global Fund ?WFP electronic cards ? NGO ?
ATM ? POS ? Bank ?
IoT Authentication ?
Copyright © Unho Choi 2015
![Page 3: " IoT Authentication for Emergency & Offline Payment during Earthquake, Power Disruption, Typhoon” Unho Choi, Ph.D. UNHCR PKI (ITU X.509) for On-line &](https://reader030.vdocuments.site/reader030/viewer/2022032800/56649d345503460f94a0a488/html5/thumbnails/3.jpg)
FIDO Alliance
![Page 4: " IoT Authentication for Emergency & Offline Payment during Earthquake, Power Disruption, Typhoon” Unho Choi, Ph.D. UNHCR PKI (ITU X.509) for On-line &](https://reader030.vdocuments.site/reader030/viewer/2022032800/56649d345503460f94a0a488/html5/thumbnails/4.jpg)
Bio Sensor + PKI = Secure Domain (FIDO)
Tokenization with Dynamic code(OTP)
= ?
“B9E2995B2B7602AE825CE7DE819F10F088419E595A9AAE81919EF58”
Authentication Server
![Page 5: " IoT Authentication for Emergency & Offline Payment during Earthquake, Power Disruption, Typhoon” Unho Choi, Ph.D. UNHCR PKI (ITU X.509) for On-line &](https://reader030.vdocuments.site/reader030/viewer/2022032800/56649d345503460f94a0a488/html5/thumbnails/5.jpg)
APPLE PKI ?
![Page 6: " IoT Authentication for Emergency & Offline Payment during Earthquake, Power Disruption, Typhoon” Unho Choi, Ph.D. UNHCR PKI (ITU X.509) for On-line &](https://reader030.vdocuments.site/reader030/viewer/2022032800/56649d345503460f94a0a488/html5/thumbnails/6.jpg)
PanamaPanamaPanamaPanama
VietnamVietnamVietnamVietnam
PhilippinesPhilippinesPhilippinesPhilippines
EgyptEgyptEgyptEgypt
KenyaKenyaKenyaKenyaIndonesiaIndonesiaIndonesiaIndonesia
completedcompletedcompletedcompleted ProceedingProceedingProceedingProceeding StartedStartedStartedStarted
EquatorEquatorEquatorEquator
CamerooCameroonnCamerooCameroonn
BruneiBruneiBruneiBrunei
MoroccMoroccooMoroccMoroccoo
Costa Costa RicaRicaCosta Costa RicaRica
IranIranIranIran
MongoliaMongoliaMongoliaMongolia
RwandaRwandaRwandaRwanda JordanJordanJordanJordan
IraqIraqIraqIraq
Nigeria, Kenya ……
ICAO, e-UNLP ……
US, France, Sweden, Germany, Turkey, Norway ……
PKI – DEVELOPING COUNTRY
![Page 7: " IoT Authentication for Emergency & Offline Payment during Earthquake, Power Disruption, Typhoon” Unho Choi, Ph.D. UNHCR PKI (ITU X.509) for On-line &](https://reader030.vdocuments.site/reader030/viewer/2022032800/56649d345503460f94a0a488/html5/thumbnails/7.jpg)
Public Key Certificate
Version / Serial Number / Signature algorithm / Hash algorithm / Issuer Name / Validity Period / Public Key
Subject Distinguished Name / Subject Public Key Information / Issuer’s Signature
Extended Validation
(Empty)
Public Key Certificate
Version / Serial Number / Signature algorithm / Hash algorithm / Issuer Name / Validity Period / Public Key
Subject Distinguished Name / Subject Public Key Information / Issuer’s Signature
Extended Validation
Biometric Code + at least one of Additional Code
< Before user registration >
< After user registration >
Bar Code/ QR / UPC / RFID / URL /CRL / PUF/ GS1/ GSIN / IPv6 / MAC / MAC/ Cryptographic hash functions address/unique identification information etc.
PKI (ITU X.509)
“B9E2995B2B7602AE825CE7DE819F10F088419E595A9AAE81919EF58
Copyright © Unho Choi May 2015
![Page 8: " IoT Authentication for Emergency & Offline Payment during Earthquake, Power Disruption, Typhoon” Unho Choi, Ph.D. UNHCR PKI (ITU X.509) for On-line &](https://reader030.vdocuments.site/reader030/viewer/2022032800/56649d345503460f94a0a488/html5/thumbnails/8.jpg)
Multi App
1 App
eService
3 App´s 5 App´s 10 App´s
eServiceeHealtheTicketing
eServiceeDLeGateeBankingeLibrary
eIDeServiceeHealtheTicketingATMeDLePurseeGatesTravel document
ExampleFinlandFINID
FinlandFINID
ItalyCNS
ItalyCNS
Hong KongHKSAR
Hong KongHKSAR
MalaysiaMyKad
MalaysiaMyKad
Muiti Application on e-ID
![Page 9: " IoT Authentication for Emergency & Offline Payment during Earthquake, Power Disruption, Typhoon” Unho Choi, Ph.D. UNHCR PKI (ITU X.509) for On-line &](https://reader030.vdocuments.site/reader030/viewer/2022032800/56649d345503460f94a0a488/html5/thumbnails/9.jpg)
Sample
![Page 10: " IoT Authentication for Emergency & Offline Payment during Earthquake, Power Disruption, Typhoon” Unho Choi, Ph.D. UNHCR PKI (ITU X.509) for On-line &](https://reader030.vdocuments.site/reader030/viewer/2022032800/56649d345503460f94a0a488/html5/thumbnails/10.jpg)
National ID
PKI+
Data
DriverLicens
e
PKI+
Data
Medical
PKI+
Data
e-Votin
g
PKI+
Data
Pension
PKI+
Data
Passport
ICAO
PKI+
Data
Tax
PKI+
Data
Physical
Access/
Smart Car
PKI
PC/ Clou
dLogo
n
PKI
Smart Phone/ Smart Home
PKI
IoT Authentication ?
UBIQUITOUS AUTHENTICATION MANAGEMENT
Copyright © Unho Choi May 2015
Physical unclonable functions
![Page 11: " IoT Authentication for Emergency & Offline Payment during Earthquake, Power Disruption, Typhoon” Unho Choi, Ph.D. UNHCR PKI (ITU X.509) for On-line &](https://reader030.vdocuments.site/reader030/viewer/2022032800/56649d345503460f94a0a488/html5/thumbnails/11.jpg)
Bank/Credit Card
Payment
Government
Internet
Cloud Car IoT 911
Emergency
Combination 2 more finger
Combination 1 finger + IRIS
Combination Iris + Vein
Combination Iris + Facial
Combination Finger+ Sign
Combination Voice+ Facial
Combination with each Palm/ Blood / Voice / DNA / Keystroke etc.
Allocated purpose of use
Diverse combinations of Biometrics
Application Services
Allocated purpose of use
Multi Bio Combination ?
ResetEmergency
Recover 911
Copyright © Unho Choi May 2015
![Page 12: " IoT Authentication for Emergency & Offline Payment during Earthquake, Power Disruption, Typhoon” Unho Choi, Ph.D. UNHCR PKI (ITU X.509) for On-line &](https://reader030.vdocuments.site/reader030/viewer/2022032800/56649d345503460f94a0a488/html5/thumbnails/12.jpg)
Communication Terminal
Centralized Controller
IoT Network
IoT Service Provicer
IoT Authentication Key for Smart Phone
Copyright © Unho Choi May 2015
Emergency Recover Reset 911
![Page 13: " IoT Authentication for Emergency & Offline Payment during Earthquake, Power Disruption, Typhoon” Unho Choi, Ph.D. UNHCR PKI (ITU X.509) for On-line &](https://reader030.vdocuments.site/reader030/viewer/2022032800/56649d345503460f94a0a488/html5/thumbnails/13.jpg)
Centralized Controller
IoT Network
Smart Card
Communication Terminal
IoT Service Provicer
IoT Authentication Key for National ID ?
Copyright © Unho Choi May 2015Copyright © Unho Choi May 2015
Emergency Recover Reset 911
![Page 14: " IoT Authentication for Emergency & Offline Payment during Earthquake, Power Disruption, Typhoon” Unho Choi, Ph.D. UNHCR PKI (ITU X.509) for On-line &](https://reader030.vdocuments.site/reader030/viewer/2022032800/56649d345503460f94a0a488/html5/thumbnails/14.jpg)
Biometrics(a)
UPC/EPC Biometrics(b)
UPC/EPCBiometrics PAN(g)
UPC/EPCBiometrics PAN PUF(h)
UPC/EPCBiometrics PAN PUF(i) Dynamic Signature
PAN Biometrics(c)
PUF Biometrics(d)
Dynamic SignatureBiometrics(e)
Activity featureBiometrics(f)
IoT Authentication Code ?
Copyright © Unho Choi May 2015
![Page 15: " IoT Authentication for Emergency & Offline Payment during Earthquake, Power Disruption, Typhoon” Unho Choi, Ph.D. UNHCR PKI (ITU X.509) for On-line &](https://reader030.vdocuments.site/reader030/viewer/2022032800/56649d345503460f94a0a488/html5/thumbnails/15.jpg)
B9E2995B2B7602AE825CE7DE819F10F088419E595A9AA
Biometric code
UPC/EPC
PAN code
PUF code
(j)
B9E2995B2B7602AE825CE7DE819F10F088419E595A9AAE81919EF58
Biometric code
UPC/EPC
PAN code
PUF code
(k)
OTP
IoT Authentication Code Format
Copyright © Unho Choi May 2015Copyright © Unho Choi May 2015
Emergency Recover Reset 911
![Page 16: " IoT Authentication for Emergency & Offline Payment during Earthquake, Power Disruption, Typhoon” Unho Choi, Ph.D. UNHCR PKI (ITU X.509) for On-line &](https://reader030.vdocuments.site/reader030/viewer/2022032800/56649d345503460f94a0a488/html5/thumbnails/16.jpg)
Bank Credit Card e-Government Internet Cloud
Online application (with GEO location / GPS)
Bio Sensor on ATMfor cash withdrawal etc.
Bio Sensor on POSfor buy food etc.
Bio Sensor on Centralized Controllerfor control IoT Devices etc.
Bio Sensor on Smart Card/Phonefor control Smart Car etc.
Off-line application support for each service etc. by Government & Financial Authority
On-line & Off-line
1st Public Key for on-line
at Authentication Server
2nd Public Key for off-line for ATM, POS, Centralized Controller, Phone/Card
Store with Private Key at Secure Domain (IC Chip)
Copyright © Unho Choi May 2015
![Page 17: " IoT Authentication for Emergency & Offline Payment during Earthquake, Power Disruption, Typhoon” Unho Choi, Ph.D. UNHCR PKI (ITU X.509) for On-line &](https://reader030.vdocuments.site/reader030/viewer/2022032800/56649d345503460f94a0a488/html5/thumbnails/17.jpg)
United NationsUnited Nations
Bank
Private Key
Public Key
“B9E2995B2B7602AE825CE7DE819F10F
UN CA(Certificate Authority)
Public KeyWFP
Public Key
Global Fund
Public KeyUNDP
Public Key
ATM, POS (Off-line)
Public Key Private Key
Key Distribution
Copyright © Unho Choi May 2015
![Page 18: " IoT Authentication for Emergency & Offline Payment during Earthquake, Power Disruption, Typhoon” Unho Choi, Ph.D. UNHCR PKI (ITU X.509) for On-line &](https://reader030.vdocuments.site/reader030/viewer/2022032800/56649d345503460f94a0a488/html5/thumbnails/18.jpg)
Biometrics data acquisition module
Biometrics data management module
Biometric authentication module
VPN management module
Device data acquisition module
OTP generation module
Key management module
Authentication execution module
Operation Process
Copyright © Unho Choi May 2015
![Page 19: " IoT Authentication for Emergency & Offline Payment during Earthquake, Power Disruption, Typhoon” Unho Choi, Ph.D. UNHCR PKI (ITU X.509) for On-line &](https://reader030.vdocuments.site/reader030/viewer/2022032800/56649d345503460f94a0a488/html5/thumbnails/19.jpg)
“ Take chain of Mountain view ”
Unho Choi Ph.D., CGEIT, CRISC, ISO 27001, CISSP, PMP [email protected]