• No results found

Intel Identity Protection Technology (IPT)

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Intel Identity Protection Technology (IPT)"

Copied!
35
0
0

Loading.... (view fulltext now)

Download now ( 35 Page )

Full text

(1)

1

Intel® Identity Protection Technology (IPT)

Enabling improved user

Enabling improved user- -friendly strong authentication in VASCO's latest friendly strong authentication in VASCO's latest generation solutions

generation solutions

June 2013 Steve Davies Solution Architect Intel Corporation

Copyright

Copyright ©©2013, Intel Corporation. All rights reserved.2013, Intel Corporation. All rights reserved.

(2)

2

Legal

INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS OR

IMPLIED, BY ESTOPPEL OR OTHERWISE, TO ANY INTELLECTUAL PROPERTY RIGHTS IS GRANTED BY THIS DOCUMENT. EXCEPT AS PROVIDED IN INTEL'S TERMS AND CONDITIONS OF SALE FOR SUCH PRODUCTS, INTEL ASSUMES NO LIABILITY

WHATSOEVER AND INTEL DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY, RELATING TO SALE AND/OR USE OF INTEL PRODUCTS INCLUDING LIABILITY OR WARRANTIES RELATING TO FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR INFRINGEMENT OF ANY PATENT, COPYRIGHT OR OTHER INTELLECTUAL PROPERTY RIGHT.

Intel may make changes to specifications and product descriptions at any time, without notice. Designers must not rely on the absence or characteristics of any features or instructions marked "reserved" or "undefined". Intel reserves these for future definition and shall have no responsibility whatsoever for conflicts or incompatibilities arising from future changes to them. The information here is subject to change without notice. Do not finalize a design with this information.

The products described in this document may contain design defects or errors known as errata which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Contact your local Intel sales office or your distributor to obtain the latest specifications and before placing your product order.

No system can provide absolute security under all conditions. Requires an Intel® Identity Protection Technology-enabled system, including a 2nd or 3rd gen Intel® Core™ processor enabled chipset, firmware and software, and participating website.

Consult your system manufacturer. Intel assumes no liability for lost or stolen data and/or systems or any resulting damages.

For more information, visit http://ipt.intel.com.

Intel, Intel Core, Ultrabook, Insider, vPro, Atom and the Intel logo are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries.

*Other names and brands may be claimed as the property of others.

Copyright © 2013, Intel Corporation. All rights reserved.

(3)

3

Your questions coming into this session…

1. What is this improved user-friendly strong authentication?

2. What is it that Intel offers to support this?

3. What is it that VASCO offers to support this?

(4)

4 4

eBanking Use Case…

(5)

5

Garanti Example

Login using OTP generated by hardware token

(6)

6

Enter hardware token generated One-Time Password

for

2

nd

factor authentication

Garanti Example

Login using OTP generated by hardware token

(7)

7

Garanti Example

Login using OTP generated by hardware token

(8)

8

Garanti Example

Login using OTP sent by SMS to mobile phone

(9)

9

Garanti Example

Login using OTP sent by SMS to mobile phone

(10)

10

Garanti Example

Login using OTP sent by SMS to mobile phone

(11)

11

Garanti Example

Login using OTP generated by Intel IPT

(12)

12

Garanti Example

Login using OTP generated by Intel IPT

(13)

13 13

I see the user experience benefit But is it giving up some security?

No, it is not giving up security…

(14)

14 14

Enterprise VPN Use Case…

(15)

15

VPN Example

Login by typing OTP generated by hardware token

(16)

16

16834096

16834096 copy copy

My VPN token

My VPN token - - X X

VPN Example

Login by “copy/paste” OTP generated by Intel IPT

(17)

17 17

I see the user experience benefit But it is not really something new?

Yes it is something new…

(18)

18 18

B2B and B2C Websites

(19)

19

B2B / B2C Example

Traditional login with username / password only

(20)

20

B2B / B2C Example

Login with Mydigipass.com OTP

(21)

21

B2B / B2C Example

Login with Mydigipass.com OTP – phone or token

(22)

22

B2B / B2C Example

Login with Mydigipass.com OTP – Intel IPT

(23)

23 23

I see the user experience benefit But is it giving up some security?

No, it is not giving up security…

(24)

24

My VPN token My VPN token

0 9 7

4 3

1 8 2

6 5

Enter PIN Enter PIN

Add More Security

PIN protect the Intel IPT OTP release

16834096

16834096 copy copy My VPN token

My VPN token - - X X

(25)

25

Confirm $50,000 transfer to account # 9237-4602

What User Sees What Malware Sees My VPN token My VPN token

0 9 7

4 3

1 8 2

6 5

Enter PIN Enter PIN My VPN token

My VPN token

0 9 7

4 3

1 8 2

6 5

Enter PIN Enter PIN

16834096

16834096 copy copy

My VPN token

My VPN token - - X X

PIN Entry with Software Applets User view and malware view…

X X

(26)

26

PIN Entry embedded in Webpage

This is what the user sees…

(27)

27

PIN Entry embedded in Webpage

This is what malware sees…

(28)

28

Hardware-based Security in the platform

Main CPU Main OS

ME DLL Win OS

Win App s Bro w sers Malware ME-based App s

Chipset

Hardware based security isolated from the host

Trusted Execution Environment for Security

Operations…

Crypto, Secure Display Separate

CPU/RAM/Flash

(29)

29

How It Works: Intel Components

Intel ® Identity Protection Technology (IPT)

ƒSecurity features built into the chipset

ƒSecurity Service algorithm applet runs in the firmware

Intel IPT

generates OTP in isolated space

698731

(30)

30

Your questions coming into this session…

1. What is this improved user-friendly strong authentication?

2. What is it that Intel offers to support this?

3. What is it that VASCO offers to support this?

(31)

31

Intel® Identity Protection Technology Platform Roadmap

ƒ Mid 2013, on all Intel Core™ systems and extending to Intel Atom™

based phones and tablets in 2H 2013

ƒ To become ubiquitous in worldwide Intel-based platforms

Core™

Desktops Ultrabooks™

Atom ™ Tablets Atom ™ Phones

2012 2013 2014

vPro™ Desktops &

Laptops

Core™ Laptops Core™ Tablets

Install Base

Intel, Intel Core, Ultrabook, Insider, vPro, Atom and the Intel

Intel, Intel Core, Ultrabook, Insider, vPro, Atom and the Intel logo are trademarks or registered trademarks of Intel Corporatiologo are trademarks or registered trademarks of Intel Corporation.n.

*Other names and brands may be claimed as the property of others

*Other names and brands may be claimed as the property of others..

(32)

32

Building Blocks Service Solution

Intel® Identity Protection Technology

Authentication Server

Website

Consumer - Enterprise

Token Record Storage

Provisioning

&

Verification Services

Internet

On-Premise or Cloud or Mixed On-Premise or Cloud or Mixed

*Other names and brands may be claimed as the property of others

*Other names and brands may be claimed as the property of others..

(33)

33

Your questions coming into this session…

1. What is this improved user-friendly strong authentication?

2. What is it that Intel offers to support this?

3. What is it that VASCO offers to support this?

(34)

34

Why is this relevant to you ?

ƒ Complements existing 2FA with :

ƒ Hardware based

ƒ User friendly

strong authentication solution

ƒ Enhance brand value &

reputation

ƒ Complements existing 2FA with

Your Customer’s Benefits

ƒ Easy to use

ƒ Protects against many types of attacks

ƒ Opt-in gives you freedom

(35)

35

References

Download now ( PDF - 35 Page - 3.29 MB )

Related documents

08 GSM BSS Network KPI (Immediate Assignment Success Rate) Optimization Manual.doc

Immediate assi#nment success rate indicates t/e success rate of t/e MS accessin# t/e si#nalin# c/annel9 It concerns t/e "rocedure from t/e MS sendin# a c/annel re>uired

catalog-tranzistori-rohm.pdf

The single PSOP8 package has excellent heat dissipation (with a PD 1.5 times as high as that of SOP8 packages), that allows the replacement of conventional two SOP8 packages in

SCHOOL OF GEOGRAPHY AND EARTH SCIENCES

For Masters students, the Review Committee will consist of the supervisor, at least two other faculty members whose work is related to the student=s field of interest and a Chair

OM-2 Assignment 2_Section E

 Requesting Senior Associate (↓ 5.322 minutes) after an associate was trained by the company, the average queuing time for a senior associate decreased, because the trained

The use of Accelerator Appliances on zenterprise

Intel, Intel logo, Intel Inside, Intel Inside logo, Intel Centrino, Intel Centrino logo, Celeron, Intel Xeon, Intel SpeedStep, Itanium, and Pentium are trademarks or

DESIGNED TO ADAPT. Lenovo recommends Windows 8 Pro.

Intel, the Intel logo, Intel Core, Core Inside, Xeon and Xeon Inside are registered trademarks of Intel Corporation in the U.S. and other

Cloud Computing with xcat on z/vm 6.3

Intel, Intel logo, Intel Inside, Intel Inside logo, Intel Centrino, Intel Centrino logo, Celeron, Intel Xeon, Intel SpeedStep, Itanium, and Pentium are trademarks or

Forecasting Performance Metrics using the IBM Tivoli Performance Analyzer

Intel, Intel logo, Intel Inside, Intel Inside logo, Intel Centrino, Intel Centrino logo, Celeron, Intel Xeon, Intel SpeedStep, Itanium, and Pentium are trademarks or