Rajiv Dholakia, Vice President, Products, Nok Nok Labs
Authentication is the ignition key to the modern computing environment. As computing platforms evolve from desktop to mobile and embedded devices, authentication methods need to adapt to meet new requirements of flexibility and scale. This session will review these emerging technologies and solution patterns, and share initiatives to simplify strong authentication at scale. If you are invested in federation technologies or operate identity services, this talk will provide a roadmap towards a robust and flexible infrastructure that can withstand the rapid evolution of authentication technologies, device form-factors, use cases and emergent risks.
3. THINGS ARE CHANGING
NOK NOK LABS 3
First Steps Next Steps
Sony 77 M
Evernote 60 M
Rockyou 32 M
LinkedIn 6.5 M
Yahoo 450 K
Twitter 56 K
Attacks
Apple
Evernote
Facebook
Twitter
Google
?
Convenience, Security, Personalization
4. A KEY INSIGHT – GATEWAY TO USER EXPERIENCE
ABOUT DESIGN, DELIGHT & DOLLARS (ALSO RISK, REGULATION & REPUTATION)
Authentication is the “Ignition Key”
5. USERS
FRUSTRATED
• 25 ACCOUNTS
• 8 LOGINS / DAY
• 6.5 PASSWORDS
ORGANIZATIONS
OVERWHELMED
• $7.2M / DATA BREACH
• $15 / PASSWORD RESET
• $50-120+ / TOKEN
ECOSYSTEMS
INHIBITED
• FRAGMENTED
• INFLEXIBLE
• FRICTION EVERYWHERE
HOW ARE WE DOING?
6. THE AUTHENTICATION TOWER OF BABEL
Silos, proprietary, privacy, reliance on 3rd party, tolls
?
8. THE RESULTING REALITY
“AUTHENTICATION IS … EXPENSIVE TO IMPLEMENT, IT'S HARD TO USE, IT'S TOO EASY TO SUBVERT OR CIRCUMVENT AND IT FAILS MORE AND MORE FREQUENTLY, AND MORE AND MORE SPECTACULARLY IN TODAY'S INCREASINGLY RISKY ELECTRONIC ENVIRONMENT.”
GARTNER: MAVERICK TECHNOLOGY
11. TODAY’S WORLD: DIVERSE, DISTRIBUTED, DYNAMIC
• 75% OF THE DIGITAL UNIVERSE CREATED, CAPTURED OR REPLICATED IN THE CLOUD
• 3.1 TRILLION HARD DRIVES WORTH OF DATA CONSUMED DAILY IN THE US
• US ECOMMERCE PROJECTED AT $325BN BY 2015
No single solution will work across all use cases
• 1.8 BN MOBILE PHONES/YEAR
• 200 MN TABLETS/YEAR
12. PONEMON-NNL RESEARCH
• New & exclusive research, featuring 1,924 consumers:
- US: 754
- UK: 569
- Germany: 601
• Covers experiences, perceptions & preferences for identity and authentication technology
• First annual report, covering trends, perceptions and attitudes to online authentication
• Research undertaken by the Ponemon Institute & sponsored by Nok Nok Labs, Inc.
14. RETIRING PASSWORDS
Identity Services
A SYSTEMS PROBLEM (not technology)
Physical-to-Digital Identity
User Management
Authentication
Federation
Single Sign-On
15. THE OTHER HALF OF THE EQUATION
STRONG AUTH
PASSWORDS
SSO/FEDERATION
Recreated PMS
First Mile Second Mile
SAML
OpenID
25. KEY IDEAS BEHIND FIDO
• Leverage simple but strong local authentication
- User authenticates locally to Client Device
- Device authenticates to the Server
• Focus of Standardization:
- “Pluggable” local authentication (USB, Biometrics, TPM/Pin…) interfaces
- The online crypto protocols used to authenticate to the server
• Allow business appropriate and risk appropriate choice
http://www.fidoalliance.org
26. TAKEAWAYS FROM THIS TALK
1. Authentication is the “Ignition Key” to design, delight, & dollars
2. Passwords don’t scale up (to the cloud) or down (to mobile devices) – a system solution is needed
3. Diversity & heterogeneity will rule…no one size fits all
4. Authentication is the “first mile”, Federation is the “second mile”
5. Modern Authentication = Explicit + Implicit
6. Competing solution patterns – pick carefully
7. Get involved:
• Advocate for standards as building blocks – think of what SSL did for you
• Educate yourself about emerging authentication technology
• Re-think your authentication strategy
• Pilot some of the emerging technology
27. FOR MORE INFORMATION
• FIDO alliance
• An alliance to simplify authentication
• http://www.fidoalliance.org
• Global Platform
• http://www.globalplatform.org
• Nok Nok Labs – pioneering FIDO standards implementations
• Brainstorm, Demonstration, Evaluation, Webinar
• Ponemon-Nok Nok Labs Report
• rajiv@noknok.com or info@noknok.com
• http://www.noknok.com