Improving Security and Access to Network with Smart Badge. Eril Pasaribu CISA,CISSP Security Consultant. AGENDA. Background Core Technologies Schlumberger Solutions Questions & Answers. Market facts (CSI/FBI). How Does One Authenticate?. One Factor - What you know – Password
Improving Security and Access to Network with Smart Badge
Eril Pasaribu, CISA, CISSP
Security Consultant
AGENDA
• Background
• Core Technologies
• Schlumberger Solutions
• Questions & Answers
How Does One Authenticate?
• One Factor - What you know – Password
• Two Factors - What you have – Smart card
• Three Factors - What you are – Biometric
=> Balance between convenience, privacy, and security
A Corporate Smart Badge?
• Passwords are expensive and provide poor security
• Many different standards increase management complexity and help desk support
• Increasing network fraud, poor security around transactions and messaging
• Hard drive based security can be improved
=> One single ID card for both secure physical and logical access
Smart Cards for Corporate Login
[Chart: million units; source: Dataquest/Card Technology, 5/01]
By YE ‘04, 33% of W2K/XP users will log in via smart card (Gartner Group)
CORE TECHNOLOGIES
• Public Key Infrastructure
• Smart Cards
• Proximity Cards
PKI Public Key Cryptography Fundamentals
• Two keys: one you keep secret (private) and one you let everyone else know (public)
• Important property:
  • If data is encrypted with a public key, the only way to decrypt is by having the private key
  • If data is encrypted with a private key, the only way to decrypt is by having the public key
• Combined with secret key algorithms, this provides authentication, bulk encryption, and integrity
Digital Certificates
• Public keys are distributed in the form of certificates.
• Binding between “identity” and a public key
• Digital equivalent of employee badge, driver's license – universal
• Issued by Certificate Authorities (CAs) to clients, servers, objects
• Trust and accreditation of the CA is a major component of Public Key Infrastructure: to what extent can you be sure a certificate truly binds a public key to an entity?
• A Digital Certificate contains the sender’s public key, and also the trusted authority’s digital signature.
What’s in a Digital Certificate?
• Defined by ITU standard X.509
  • Supported by Netscape, iPlanet, Entrust, MS IE, MS IIS, Lotus Domino 5, …
• Certificates typically contain:
  • Name of owner and their public key
  • Name and signature of Certificate Authority
  • Expiration date, serial number
  • Algorithms used for encryption & signing
• X.509 v3 permits arbitrary attribute-value pairs (e.g. credit card #, access control information, certificate policies, …)
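The certificate slides above, worked through as an added example (not part of the original presentation): a CA signs the binding between an owner and a public key, a relying party checks that signature and the expiration date, and the badge holder then proves possession of the private key by signing a challenge. The RSA here is a textbook toy with no padding, and all names, dates, and the challenge step are constructed assumptions.

```python
import hashlib
import json
from datetime import date

E = 65537  # public exponent shared by both toy keys

def make_key(p, q):
    """Toy RSA key from two primes; 'd' is the private part, (n, E) is public."""
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, key):
    # Private-key operation: only the holder of d can produce this value.
    return pow(digest(data, key["n"]), key["d"], key["n"])

def verify(data, sig, n):
    # Public-key operation: anyone who knows n can check the signature.
    return pow(sig, E, n) == digest(data, n)

def signed_fields(cert):
    body = {k: v for k, v in cert.items() if k != "signature"}
    return json.dumps(body, sort_keys=True).encode()

def issue(ca_key, issuer, owner, owner_n, serial, not_after):
    cert = {"owner": owner, "public_key": owner_n, "issuer": issuer,
            "serial": serial, "not_after": not_after, "algorithm": "toy-rsa-sha256"}
    cert["signature"] = sign(signed_fields(cert), ca_key)
    return cert

def check(cert, trusted_cas, today):
    ca_n = trusted_cas.get(cert["issuer"])
    if ca_n is None:
        return "untrusted issuer"
    if not verify(signed_fields(cert), cert["signature"], ca_n):
        return "bad CA signature"
    if today > date.fromisoformat(cert["not_after"]):
        return "expired"
    return "ok"

# Constructed sample data: Mersenne primes keep the block short (not secure).
CA_KEY = make_key(2**521 - 1, 2**607 - 1)
BADGE_KEY = make_key(2**1279 - 1, 2**2203 - 1)
TRUSTED = {"Example Corp CA": CA_KEY["n"]}
CERT = issue(CA_KEY, "Example Corp CA", "j.doe", BADGE_KEY["n"], 1001, "2004-12-31")
CHALLENGE = b"login-nonce-0001"
PROOF = sign(CHALLENGE, BADGE_KEY)  # done with the private key
```

Changing any signed field, such as the owner name, makes `check` return "bad CA signature", which is the binding property the slides describe.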
Smart Card Overview
• Total sales of 1.5B units in 2000
• GSM requires smart card (SIM)
• Credit cards, AMEX blue, DoD.
• Already a proven, secure technology
• Almost unanimous agreement among analysts and experts that smart cards are an ideal token for storage of important digital credentials, such as private keys, biometrics, etc.
SLB Smart Card Products
[Product diagram] Crypto card / Java crypto cards: Cyberflex Palmera Protect, Cryptoflex, Cyberflex Access II
Memory sizes shown: 4K, 8K, 16K; 16K, 32K; 16K, 32K
Middleware
Card readers: Reflex 72, Reflex 20
e-Gate: the next generation
• e-Business Smart Card: Access e-Gate
• 32K Access II card with embedded USB driver.
• Simple, inexpensive reader plugs directly into USB port
• e-Gate Card+Reader vs. ISO Card+Reader: 30% less
• Electron d’or award, 2000
Proximity Cards
• HID Proximity Card
  • 125 kHz proximity antenna and chip
  • Popular in the US
  • Personalized by HID
• MIFARE Contactless Smart Card
  • 13.56 MHz contactless antenna
  • Popular outside of the US
  • Personalized by our CIS
Schlumberger Smart Badge Integration
Physical access
Corporate identity
Network access
Secure log in
Digital signatures
Web authentication
Password storage
Public key infrastructure
• E-commerce
• entitlement control
• authentication
• authorization
• accounting
Payment loyalty programs
Single Sign-On (SSO)
• Enable authentication to be managed consistently across the enterprise
• Allow a user to log in just once
• Transparent access to a variety of permitted information systems
• Integration of stronger authentication services to support SSO using the Corporate Badge
Smart Login
• Smart card based password store for Windows, enabling reduced sign-on.
• Supports IE, Netscape, and any Windows login dialog.
• Windows 2000/NT/9x.
• Automatic login.
Demo
Demonstrate smart card login on Windows 2000 and secure screen lock
Demo 1-2
• After Windows boot, SLB GINA dialog is displayed
• On card insertion, user is prompted for PIN verification
• If successful, access is granted to desktop and related networks
Demo 2-2
• On card removal (typically when the user walks away from their computer), the computer locks itself automatically
• It is unlocked using the same process as initial logon (PIN verification)
Schlumberger’s total solution
[Diagram] SC & Reader, Card Software, Project Management, Deployment, Training, 24x7 Help Desk, Technical Consulting, Design & Integration, Policy Server, CMS, Directory, CA, E-Commerce, Loyalty, VPN, Custom Applications, Physical Access
Q & As
Questions and Answers