MARET Consulting | 109, chemin du Pont-du-Centenaire | CH 1228 Plan-les-Ouates | Tél +41 22 727 05 57 | Fax +41 22 727 05 50 | www.maret-consulting.ch
Conseil en technologies
Cookbook
Strong Authentication & OpenID
Using Axsionics & Clavid
01-3-2009Sylvain Maret / Security Architect /Geneva
http://sylvain-maret.blogspot.com/
Conseil en technologieswww.maret-consulting.ch
Introduction
This cookbook shows you how to use an Axsionics – Internet Passport - for Strong authentication with OpenID
We will use Clavid as a OpenID provider (IDP) A Swiss Compagny http://www.clavid.com/
Conseil en technologieswww.maret-consulting.ch
About Axsionics
Zero Foot Print Biometry Device providing strong authentication and transaction security
3 factors authentication
For more information: http://www.yubico.com
For more information: http://www.yubico.com
Conseil en technologieswww.maret-consulting.ch
About Clavid
A Swiss company providing identity OpenID & SAML support
Swiss Post Digital Certificate All SSL Client Digital Certificate X509 Yubikey: and easy USB Token
No driver and very cheap Axsionics SMS Out of Band Authentication And Username & Password (no Strong Authentication……) And Soon more !
OTP Token ? OCSP ? Thawte Personal user Certificates ? Web of trust I Hope
Conseil en technologieswww.maret-consulting.ch
Let’s define the scenario
Use a Strong Authentication My finger and a device Axsionics
Use OpenID Clavid.ch http://www.clavid.ch/
Use Plaxo to test this example with OpenID
Conseil en technologieswww.maret-consulting.ch
Connect to Plaxo and choose OpenID
Conseil en technologieswww.maret-consulting.ch
Enter your OpenID User ID from your Clavid.ch Identity Provider
Conseil en technologieswww.maret-consulting.ch
You are redirected to Clavid.ch: Your secure Identity Provider
Conseil en technologieswww.maret-consulting.ch
Now your IDP asks you to proof your identity displaying a challengeThe “Flicker code”
Conseil en technologieswww.maret-consulting.ch
Use now your fingerprint to claim how you are and read the challenge !
Conseil en technologieswww.maret-consulting.ch
Proof your digital identity using a biometric reader. So easy !
Conseil en technologieswww.maret-consulting.ch
You have now a unique Code.(One Time Password)
Conseil en technologieswww.maret-consulting.ch
Enter now your unique code and submit it to your IDP
Conseil en technologieswww.maret-consulting.ch
Ok, now you are redirected to Plaxo: That it
Conseil en technologieswww.maret-consulting.ch
Some Key Points !
No need to install software – Zero Foot Print Very high level of security Strong non repudiation using Biometry Resist to Men in the Browser Attack
Conseil en technologieswww.maret-consulting.ch
"Le conseil et l'expertise pour le choix et la mise
en oeuvre des technologies innovantes dans la sécurité
des systèmes d'information et de l'identité numérique"
Conseil en technologieswww.maret-consulting.ch
More info about Digital Identity Security: Sorry most of the time in french
http://sylvain-maret.blogspot.com/
Top Related