iam excellence. authentication on mobile devices for business application fabian zoller &...

Post on 28-Dec-2015

IAM EXCELLENCE

Authentication on Mobile Devices for Business Application

Fabian Zoller & Martina Müller

Reason Why

Image source: [http://goo.gl/VYMFN5]

Bring Your Own Device

Image source: [M.Müller]

Authentication Methods

1. Biometric

2. Location

3. Knowledge

4. Possession

Image sources: [http://goo.gl/zyjhAl] [http://goo.gl/yPRdEO] [http://goo.gl/Pzd5Pn] [http://goo.gl/6QE7fw]

Requirements

Usability & Functionality

Access Time

Acceptability

Security

Distinctiveness

Resistance to Attacks

Accuracy

False Accept Rate

False Rejection Rate

Expenditure

Purchase

Administration

Implementation Effort

Software

Hardware

Rating Matrix - Results

Credentials, Graphical Password, Software Token, WLAN, NFC, Certificates

Prototypes

Showrooms

1.

2.

3.

4.

Image sources: [F. Zoller] [http://goo.gl/VqFSQ] [http://goqr.me] [http://goo.gl/bVT8l] [http://goo.gl/Vv2E] [http://goo.gl/wj8Hw]

System Components

Client Device

Untrusted Site

Request Resource

Response Resource / Deny

Trusted Site (Company)

Web / App Server & Agent

Yes / No / Data (Response Decision [Data])

Authentic? (Request Decision [Data])

Directory Server

Make Decision / Prepare Data

Image sources: [http://goo.gl/gXoeT] [http://goo.gl/Vv2E]

MobileDesk Authentication Flow

Select Certificate

Validate Certificate

Enter Graphical Password

Validate Graphical Password

Store Token in Directory

Start Web Application with Token

Image sources: [F. Zoller]

MobileKey Authentication Flow

Touch Device with Identity Chip

Validate Identity Chip

Enter Credentials

Validate Credentials

Store Token in Directory

Start Web Application with Token

Image sources: [F. Zoller]

TwoChannel Authentication Flow

Enter Username

Generate QR-Code

Scan QR-Code

Enter Password

Validate Credentials

Start Web Application

On Mobile Device

Image sources: [F. Zoller]

LocationBased Authentication Flow

Active WLAN

Validate Access Point

Enter PIN

Generate OTP

Enter OTP and PIN

Validate OTP and PIN

Start Web Application

On Mobile Device

Image sources: [F. Zoller]

Usability Testing - Interrogations

Is there a significant difference between the arithmetic average authentication time?

1. iPhone + QR-Code (30 sec)

2. Android + Mobile Key (37 sec)

3. Android/iPhone + Location Based (39 sec)

Usability Testing - Interrogations

Is there a significant difference between the authentication time within the showrooms?

1. Mobile Key (37 sec)

2. Location Based (39 sec)

3. QR-Code (40 sec)

Usability Testing - Interrogations

Is there a significant difference between the different operating systems focussing on the success quotient?

iPhone: 92% successful authentication, 8% failed authentication

Android: 86% successful authentication, 14% failed authentication

Advisable Results

Mobile Desk

QR-Code

Mobile Key

Credentials, Graphical Password, Software Token, WLAN, NFC, Certificates

Questions?

Thank you for your attention!

IAM EXCELLENCE

www.ic-consult.com

iC Consult GmbH | Keltenring 14 | 82041 Oberhaching | T +49 89 6604970 | kontakt@ic-consult.com
