Single Sign-On(SSO)

Single Sign-On(SSO)

Strong Authentication

Single Sign-On(SSO)

Strong Authentication

KNOW *******

Single Sign-On(SSO)

Strong Authentication

KNOW *******

HAVE

Single Sign-On(SSO)

Strong Authentication

KNOW *******

HAVE

ARE

Single Sign-On(SSO)

Strong Authentication

KNOW *******

HAVE

Single Sign-On(SSO)

Strong Authentication

KNOW *******

HAVE

Strong Mobile Authentication in Single Sign-On Systems

André Andradeandre.andrade@tkk.fi

Overview

• Objectives• Protocol arquitecture and description• Prototype overview• Demo• Conclusion

André Andradeandre.andrade@tkk.fi

Objectives

• Strong Authentication protocol for SSO systems using the mobile phone as a security token– Security, usability, flexibility, cost-efficiency

André Andradeandre.andrade@tkk.fi

• Implmentation prototype– Proof-of-concept– Usable strong authentication method using the

mobile phone as an alternative in SSO authentication

Protocol - Arquitecture

André Andradeandre.andrade@tkk.fi

Protocol - Arquitecture

André Andradeandre.andrade@tkk.fi

Protocol - Description

André Andradeandre.andrade@tkk.fi

Prototype - Overview

André Andradeandre.andrade@tkk.fi

Prototype - Demo

André Andradeandre.andrade@tkk.fi

Conclusion

André Andradeandre.andrade@tkk.fi

• SSO and strong authentication complement each other

• Mobile phone is a beneficial option as a security token and there are secure mechanisms that enhance it

• Protocol enables the creation of secure, usable, flexible and cost-efficient strong authentication methods

• Implementation prototype

André Andradeandre.andrade@tkk.fi

Questions?