strong authentication openid & yubico

12

MARET Consulting | 109, chemin du Pont-du-Centenaire | CH 1228 Plan-les-Ouates | Tél +41 22 727 05 57 | Fax +41 22 727 05 50 | www.maret-consulting.ch Conseil en technologies Strong Authentication & OpenID Using YUBICO & Clavid 17-2-2009 Sylvain Maret

Upload: sylvain-maret

Post on 25-Jun-2015

1.690 views

Category:

Technology

2 download

Report

Download

Tags:

Embed Size (px):

DESCRIPTION

This cookbook shows you how to use an YubiKey for Strong authentication with OpenID

TRANSCRIPT

Page 1: Strong Authentication OpenID & Yubico

MARET Consulting | 109, chemin du Pont-du-Centenaire | CH 1228 Plan-les-Ouates | Tél +41 22 727 05 57 | Fax +41 22 727 05 50 | www.maret-consulting.ch

Conseil en technologies

Strong Authentication & OpenID

Using YUBICO & Clavid

17-2-2009Sylvain Maret

Page 2: Strong Authentication OpenID & Yubico

Conseil en technologieswww.maret-consulting.ch

Introduction

This cookbook shows you how to use an YubiKey for Strong authentication with OpenID

We will use Clavid as a OpenID provider (IDP) This solution is really easy to implement No need to install software You just an YubiKey from Yubico

Page 3: Strong Authentication OpenID & Yubico

Conseil en technologieswww.maret-consulting.ch

About Yubico

Provide a USB Device for Strong Authentication Use AES Standard No need to install software (driver) Not a expensive solution Provide a One Time Password event based

For more information: http://www.yubico.com

Page 4: Strong Authentication OpenID & Yubico

Conseil en technologieswww.maret-consulting.ch

About Clavid

A Swiss company providing OpenID based on:

Swiss Post Digital Certificate All SSL Client Digital Certificate X509 Yubikey Axsionics And Username & Password (no Strong

Authentication……) And Soon more !

Page 5: Strong Authentication OpenID & Yubico

Conseil en technologieswww.maret-consulting.ch

Let’s define the scenario

Use a Strong Authentication PIN Code and an Yubikey

Use OpenID Clavid.ch http://www.clavid.ch/

Use Plaxo to test this example

Page 6: Strong Authentication OpenID & Yubico

Conseil en technologieswww.maret-consulting.ch

Connect to Plaxo and choose OpenID

Page 7: Strong Authentication OpenID & Yubico

Conseil en technologieswww.maret-consulting.ch

Enter your OpenID Account from Clavid.ch

Page 8: Strong Authentication OpenID & Yubico

Conseil en technologieswww.maret-consulting.ch

You are redirected to Clavid.ch: Your Identity Provider

Page 9: Strong Authentication OpenID & Yubico

Conseil en technologieswww.maret-consulting.ch

Enter you PIN Code and Put your Finger on your Ubikey

Page 10: Strong Authentication OpenID & Yubico

Conseil en technologieswww.maret-consulting.ch

Ok, now you are redirected to Plaxo: That it

Page 11: Strong Authentication OpenID & Yubico

Conseil en technologieswww.maret-consulting.ch

If you want to force Strong Authentication with Yubikey

Page 12: Strong Authentication OpenID & Yubico

Conseil en technologieswww.maret-consulting.ch

"Le conseil et l'expertise pour le choix et la mise

en oeuvre des technologies innovantes dans la sécurité

des systèmes d'information et de l'identité numérique"

OpenID Connect - TERENAOpenID Connect OpenID Connect is an identity framework that provides authentication, authorization, and attribute transmission capability. tisdag 8 november

認可リクエスト · 2020-05-27 · OpenID Connect Core 1.0, 3.1.2.1. Authentication Request An Authentication Request is an OAuth 2.0 Authorization Request that requests that

Yubico YubiHSM Monitor if the AEAD is changed, ... yubico. Yubico YubiHSM Monitor yubico. Yubico YubiHSM Monitor yubico. yubico. Test utility for the YubiHSM

Research on integration of OpenID authentication within ... · Research on implementation of OpenID within GravityZoo Abstract This report covers the research on the working of OpenID

Release Notes - OpenIDM 5 - ForgeRock BackStage...New Authentication Modules OpenIDM 5 includes support for OpenID Connect and OAuth 2.0 authentication. For more information, see "Supported

OpenID Connect - Nat Sakimura at OpenID TechNight #7

Trusted computing enhanced user authentication with OpenID

IRODS AND FEDERATED IDENTITY AUTHENTICATION · iRODS behind a Web application: token based protocols It is possible to use OpenID Connect authentication or SAML: passing the token

OpenID TechNight #6 - OpenID on Smart.fm

FHNW OpenID Connect pilot SAML2 OpenID Connect OAuth2

Yubico PIV Tool Command Line Guide · PDF fileYubico PIV Tool Command Line Guide © 2016 Yubico. All rights reserved. Page 1 of 30 Yubico PIV Tool Command Line Guide Command Line Reference

Mobile authentication and authorisation: OpenID and OAuth

OPENID WITH CERTIFICATE-BASED USER AUTHENTICATION ON … · 2014-08-07 · ABSTRACT OPENID WITH CERTIFICATE-BASED USER AUTHENTICATION ON SMARTCARD Bahar Berna Ki˘sin M.S. in Computer

Authentication OAuth 2.0 & OpenID Connectwebdevelopment.mit.edu/2018/pages/lectures/WEBday9_openid.pdfOauth 2.0 “focuses on client developer simplicity while providing specific authorization

AUGMENTED AUTHENTICATION FACE + A.I. + CONTEXT. the new credential PRESENTED TO: UAE ID + UNPAN April, 29 2014 Biometric OPENiD + Bio-Encryption CRYPTOGRAPHIC

MOBILE AUTHENTICATION MATURITY & TRENDS...emergence of intelligent mobile authentication • OpenID Connect • SAML • GSMA Mobile Connect • FIDO • IEEE 2410 BOPS • Leverage

RECENTEVOLUTIONSINTHE OAUTH 2.0 AND OPENID … · 2020-06-19 · Consulting services on security, Oauth2.0, ... User authentication Read & write data OpenID Connect OAuth 2.0 @PhilippeDeRyck

Ponemon Security Infographic-v5-AU-2 - Yubico · poor password and authentication practices lead to attacks such as phishing. of respondents say they have experienced a phishing attack

Authentication, Authorization, OAuth, OpenID Connect and Pyramid

O-Auth 2.0, OpenId Connect 1.0, Single Sign-On Subhojeet ...cs556dl/lecture-notes/AdvancedAuth...O-Auth 2.0, OpenId Connect 1.0 and Single Sign On are some web-based authentication

OpenID Connect Working Group and OpenID Certification€¦ · OpenID Connect Working Group and OpenID Certification May 21, 2020 Michael B. Jones Identity Standards Architect –Microsoft

Bridging OpenID and SAML 2 · 2007-11-14 · SAML 2.0 Terminology OpenID Terminology Terminology OpenID Consumer OpenID Provider OpenID Identity ... Then the consumer contacts that

Introduction to OpenID Foundation...May 21, 2020 · Introduction to OpenID Foundation 2020-05-21 OpenID Foundation Virutal Workshop. OpenID Foundation A Non-proﬁt International

Research Article Secure OpenID Authentication Model …downloads.hindawi.com/journals/aaa/2014/561487.pdf · · 2015-11-23Research Article Secure OpenID Authentication Model by

The Security of OpenID Authentication 2.0

Just Another Weather Application Evaluating the OSIsoft ...€¦ · • OAuth 2.0 & OpenID • Authentication by external identity provider • Authorization handled by configuring

YubiKey Standard and YubiKey Nano - Yubico | Trust the Net ... · YubiKey Standard and YubiKey Nano are USB devices supporting multiple authentication and cryptographic protocols

Introduction to OpenID Foundation · 2020. 7. 29. · OpenID Connect 1.0 OAuth 2.0 JSON Web Signature (JWS) JSON Web Token (JWT) Client Initiated Backchannel Authentication (CIBA)

Challenges in Authentication- and Identity Management · 2017-09-07 · • Supported by TrustBuilder • IdP Discovery Service • OASIS IdP Discovery Service specification • OpenID

Oracle Banking APIs OpenID Guide Banking API… · OPENID 5 OpenID Guide 5 2. OPENID OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol. It enables Clients

Ponemon Security Infographic-v5-UK-2 - Yubico · poor password and authentication practices lead to attacks such as phishing. of respondents say they have experienced a phishing attack

Yubico Authenticator User's Guide · Yubico Authenticator User's Guide © 2016 Yubico. All rights reserved. Page 4 of 23 Troubleshooting ..... 22

OpenID Authentication by example

OpenID Connect 101 @ OpenID TechNight vol.11

OpenID Authentication