strong authentication open id & axsionics
DESCRIPTION
A Cookbook about using Axsionics and OpenID for Strong AuthenticationTRANSCRIPT
![Page 1: Strong Authentication Open Id & Axsionics](https://reader033.vdocuments.net/reader033/viewer/2022052601/5598bc061a28abc14a8b4800/html5/thumbnails/1.jpg)
MARET Consulting | 109, chemin du Pont-du-Centenaire | CH 1228 Plan-les-Ouates | Tél +41 22 727 05 57 | Fax +41 22 727 05 50 | www.maret-consulting.ch
Conseil en technologies
Cookbook
Strong Authentication & OpenID
Using Axsionics & Clavid
01-3-2009Sylvain Maret / Security Architect /Geneva
http://sylvain-maret.blogspot.com/
![Page 2: Strong Authentication Open Id & Axsionics](https://reader033.vdocuments.net/reader033/viewer/2022052601/5598bc061a28abc14a8b4800/html5/thumbnails/2.jpg)
Conseil en technologieswww.maret-consulting.ch
Introduction
This cookbook shows you how to use an Axsionics – Internet Passport - for Strong authentication with OpenID
We will use Clavid as a OpenID provider (IDP) A Swiss Compagny http://www.clavid.com/
![Page 3: Strong Authentication Open Id & Axsionics](https://reader033.vdocuments.net/reader033/viewer/2022052601/5598bc061a28abc14a8b4800/html5/thumbnails/3.jpg)
Conseil en technologieswww.maret-consulting.ch
About Axsionics
Zero Foot Print Biometry Device providing strong authentication and transaction security
3 factors authentication
For more information: http://www.yubico.com
For more information: http://www.yubico.com
![Page 4: Strong Authentication Open Id & Axsionics](https://reader033.vdocuments.net/reader033/viewer/2022052601/5598bc061a28abc14a8b4800/html5/thumbnails/4.jpg)
Conseil en technologieswww.maret-consulting.ch
About Clavid
A Swiss company providing identity OpenID & SAML support
Swiss Post Digital Certificate All SSL Client Digital Certificate X509 Yubikey: and easy USB Token
No driver and very cheap Axsionics SMS Out of Band Authentication And Username & Password (no Strong Authentication……) And Soon more !
OTP Token ? OCSP ? Thawte Personal user Certificates ? Web of trust I Hope
![Page 5: Strong Authentication Open Id & Axsionics](https://reader033.vdocuments.net/reader033/viewer/2022052601/5598bc061a28abc14a8b4800/html5/thumbnails/5.jpg)
Conseil en technologieswww.maret-consulting.ch
Let’s define the scenario
Use a Strong Authentication My finger and a device Axsionics
Use OpenID Clavid.ch http://www.clavid.ch/
Use Plaxo to test this example with OpenID
![Page 6: Strong Authentication Open Id & Axsionics](https://reader033.vdocuments.net/reader033/viewer/2022052601/5598bc061a28abc14a8b4800/html5/thumbnails/6.jpg)
Conseil en technologieswww.maret-consulting.ch
Connect to Plaxo and choose OpenID
![Page 7: Strong Authentication Open Id & Axsionics](https://reader033.vdocuments.net/reader033/viewer/2022052601/5598bc061a28abc14a8b4800/html5/thumbnails/7.jpg)
Conseil en technologieswww.maret-consulting.ch
Enter your OpenID User ID from your Clavid.ch Identity Provider
![Page 8: Strong Authentication Open Id & Axsionics](https://reader033.vdocuments.net/reader033/viewer/2022052601/5598bc061a28abc14a8b4800/html5/thumbnails/8.jpg)
Conseil en technologieswww.maret-consulting.ch
You are redirected to Clavid.ch: Your secure Identity Provider
![Page 9: Strong Authentication Open Id & Axsionics](https://reader033.vdocuments.net/reader033/viewer/2022052601/5598bc061a28abc14a8b4800/html5/thumbnails/9.jpg)
Conseil en technologieswww.maret-consulting.ch
Now your IDP asks you to proof your identity displaying a challengeThe “Flicker code”
![Page 10: Strong Authentication Open Id & Axsionics](https://reader033.vdocuments.net/reader033/viewer/2022052601/5598bc061a28abc14a8b4800/html5/thumbnails/10.jpg)
Conseil en technologieswww.maret-consulting.ch
Use now your fingerprint to claim how you are and read the challenge !
![Page 11: Strong Authentication Open Id & Axsionics](https://reader033.vdocuments.net/reader033/viewer/2022052601/5598bc061a28abc14a8b4800/html5/thumbnails/11.jpg)
Conseil en technologieswww.maret-consulting.ch
Proof your digital identity using a biometric reader. So easy !
![Page 12: Strong Authentication Open Id & Axsionics](https://reader033.vdocuments.net/reader033/viewer/2022052601/5598bc061a28abc14a8b4800/html5/thumbnails/12.jpg)
Conseil en technologieswww.maret-consulting.ch
You have now a unique Code.(One Time Password)
![Page 13: Strong Authentication Open Id & Axsionics](https://reader033.vdocuments.net/reader033/viewer/2022052601/5598bc061a28abc14a8b4800/html5/thumbnails/13.jpg)
Conseil en technologieswww.maret-consulting.ch
Enter now your unique code and submit it to your IDP
![Page 14: Strong Authentication Open Id & Axsionics](https://reader033.vdocuments.net/reader033/viewer/2022052601/5598bc061a28abc14a8b4800/html5/thumbnails/14.jpg)
Conseil en technologieswww.maret-consulting.ch
Ok, now you are redirected to Plaxo: That it
![Page 15: Strong Authentication Open Id & Axsionics](https://reader033.vdocuments.net/reader033/viewer/2022052601/5598bc061a28abc14a8b4800/html5/thumbnails/15.jpg)
Conseil en technologieswww.maret-consulting.ch
Some Key Points !
No need to install software – Zero Foot Print Very high level of security Strong non repudiation using Biometry Resist to Men in the Browser Attack
![Page 16: Strong Authentication Open Id & Axsionics](https://reader033.vdocuments.net/reader033/viewer/2022052601/5598bc061a28abc14a8b4800/html5/thumbnails/16.jpg)
Conseil en technologieswww.maret-consulting.ch
"Le conseil et l'expertise pour le choix et la mise
en oeuvre des technologies innovantes dans la sécurité
des systèmes d'information et de l'identité numérique"
![Page 17: Strong Authentication Open Id & Axsionics](https://reader033.vdocuments.net/reader033/viewer/2022052601/5598bc061a28abc14a8b4800/html5/thumbnails/17.jpg)
Conseil en technologieswww.maret-consulting.ch
More info about Digital Identity Security: Sorry most of the time in french
http://sylvain-maret.blogspot.com/