strong authentication openid & yubico
DESCRIPTION
This cookbook shows you how to use an YubiKey for Strong authentication with OpenIDTRANSCRIPT
MARET Consulting | 109, chemin du Pont-du-Centenaire | CH 1228 Plan-les-Ouates | Tél +41 22 727 05 57 | Fax +41 22 727 05 50 | www.maret-consulting.ch
Conseil en technologies
Strong Authentication & OpenID
Using YUBICO & Clavid
17-2-2009Sylvain Maret
Conseil en technologieswww.maret-consulting.ch
Introduction
This cookbook shows you how to use an YubiKey for Strong authentication with OpenID
We will use Clavid as a OpenID provider (IDP) This solution is really easy to implement No need to install software You just an YubiKey from Yubico
Conseil en technologieswww.maret-consulting.ch
About Yubico
Provide a USB Device for Strong Authentication Use AES Standard No need to install software (driver) Not a expensive solution Provide a One Time Password event based
For more information: http://www.yubico.com
Conseil en technologieswww.maret-consulting.ch
About Clavid
A Swiss company providing OpenID based on:
Swiss Post Digital Certificate All SSL Client Digital Certificate X509 Yubikey Axsionics And Username & Password (no Strong
Authentication……) And Soon more !
Conseil en technologieswww.maret-consulting.ch
Let’s define the scenario
Use a Strong Authentication PIN Code and an Yubikey
Use OpenID Clavid.ch http://www.clavid.ch/
Use Plaxo to test this example
Conseil en technologieswww.maret-consulting.ch
Connect to Plaxo and choose OpenID
Conseil en technologieswww.maret-consulting.ch
Enter your OpenID Account from Clavid.ch
Conseil en technologieswww.maret-consulting.ch
You are redirected to Clavid.ch: Your Identity Provider
Conseil en technologieswww.maret-consulting.ch
Enter you PIN Code and Put your Finger on your Ubikey
Conseil en technologieswww.maret-consulting.ch
Ok, now you are redirected to Plaxo: That it
Conseil en technologieswww.maret-consulting.ch
If you want to force Strong Authentication with Yubikey
Conseil en technologieswww.maret-consulting.ch
"Le conseil et l'expertise pour le choix et la mise
en oeuvre des technologies innovantes dans la sécurité
des systèmes d'information et de l'identité numérique"