Mobile and Authentication: Presentations
Passwords have become a daily frustration for many Internet users. Best practices such as a lengthy, complex, and unique password for each login are often ignored in the name of convenience. Password management software can increase the convenience of storing many passwords securely. We’ll discuss the latest authentication-based cyber attacks, how to create strong passwords, and most importantly, the intricacies of password managers and how to choose one.
Today, even in a mid-sized company, employees are required to log in to multiple systems, resulting in multiple credentials to remember. This presentation talks about how to reduce the cost of maintaining multiple usernames and passwords by implementing Single Sign-On (SSO) technology. The presentation focuses on 3 business scenarios and the corresponding SSO techniques. It explains how techniques like SAML, OAuth, and ID federation can be implemented to enhance the ROSI (Return of Security Investments).
Mobile devices are vulnerable to masquerade attacks as they can be easily lost or stolen. We introduce a technique for detecting unauthorized users by modeling the legitimate user’s typical behavior when using their mobile phone. The user’s behavior model augments typical authentication mechanisms (e.g. PINs or fingerprints) to provide continuous authentication of the user. A 50-participant human user study demonstrates the detection of an unauthorized user attack within 2 minutes.
The biggest hurdle for adoption of mobile apps within an enterprise is their perceived lack of security. To build an application that satisfies common CIO/CISO concerns, developers must understand those concerns, the functionality offered by the mobile operating systems, and the gaps that exist between the concerns and what is available. This presentation focuses on the requirements and solutions that exist for building a secure and IT-compliant mobile application.