SlideShare una empresa de Scribd logo

E- and M-Business Trust Advances Through Digital Authentication

Oliver Pfaff
Oliver Pfaff

The document discusses trust services that are fundamental for digital business transactions, including authentication, authorization, and non-repudiation. It notes that traditional authentication techniques do not meet the requirements of digital business and outlines cryptographic protocols like digital signatures that can provide persistent authentication of electronic documents and identities. However, it states that non-repudiation requires additional legal and policy frameworks beyond authentication alone. The document also examines authorization services and their implementation in web environments.

TecnologíaEmpresariales
1 de 24
Trust in E- and M-Business Advances Through IT-Security SACIS Conference 2002 Istanbul, March 19-20
Contents ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Trust, a Fundamental Principle of Business ,[object Object],[object Object],[object Object],[object Object],[object Object],A basic transaction pattern in business: For Sale Payment Delivery Offer Accept- ance Trust refers to the property that entities behave as agreed, committed, or instructed.
Authorization, a Basic Trust Service ,[object Object],[object Object],[object Object],[object Object],[object Object],Authorization is a fundamental practice in business.
Non-Repudiation, a Basic Trust Service ,[object Object],[object Object],[object Object],[object Object],[object Object],Non-repudiation is a fundamental practice in business.
Authentication, a Prerequisite for Authorization and Non-Repudiation ,[object Object],[object Object],[object Object],[object Object],[object Object],© The New Yorker Collection 1993 Peter Steiner from cartoonlink.com. All rights reserved. “ On the Internet, nobody knows you’re a dog.” Authorization and non-repudiation depend on authentication.
New Frontiers: Digital Business Processes ,[object Object],[object Object],[object Object],[object Object],Retail Call-Center Kiosk Web WAP ... Digital business requires digital trust services.
Example: Why Traditional Authentication Fails in Digital Business ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],<HTML> <FONT FACE=„Courier&quot; SIZE=12> <P><BR>Travel Expenses:</P> ... <P><BR>Signed:</P> ... </HTML> Travel Expenses Flight:1.000 EUR Hotel: 500 EUR Total: 1.500 EUR Signed: Chief
Digital Authentication Techniques ,[object Object],[object Object],[object Object]
Cryptographic Authentication Protocols Public key certificate Entity ID Public key Infrastructure Application Entity Goal Private key Security token Cryptographic protocol ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Entity ID Secret key Cryptographic protocol Infrastructure Application Entity Goal Secret key Security token Secret-key credentials
Advantages of Public Key-Based Schemes ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
A Public Key Authentication Technique: Digital Signatures ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Signing party Private key Doc Sign Relying parties Doc Sign Sign OK? Public key
Transient vs. Persistent Authentication ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Sender Recipient Create authentication information alidation alidation alidation Synchronous Asynchronous Time Time Asynchronous
Attention: Digital Signatures Provide Authentication, Not Non-Repudiation ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Non-Repudiation vs. Authentication Signed docs Authentication framework ,[object Object],Business transactions via signed documents Non-repudiation framework ,[object Object]
Current State-of-Affairs in Non-Repudiation ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Authorization Services ,[object Object],[object Object],[object Object],Requestor Resources Repository (policy data) Policy decision Policy administration Policy enforcement
Authorization in the Web Environment: Common Architecture PSTN IP network PSTN Intranet Home, hotel ,... Office Mobile ... Target services Clients Internet connectivity External networks Internal networks Policy enforcement point Policy decision point Repository Policy administration point
Authorization in the Web Environment: Current Practices ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Authorization in the Web Environment: Shortcomings and Technology Initiatives ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Conclusions ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Even if E-Business owners feel they do not have to rush into realizations (and there are some good reasons), it is their duty to analyze the impact of trust services for their business. Otherwise they are deciding to do a random walk. Most of the past discussions have been too infrastructure-centric.
Abbreviations ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
References and Further Reading ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Author Information ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Recomendados

Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)Avirot Mitamura
 
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19Andrew Hughes
 
Kantara trust frameworks 2016 05-08
Kantara trust frameworks 2016 05-08Kantara trust frameworks 2016 05-08
Kantara trust frameworks 2016 05-08Andrew Hughes
 
Blockchain-based Solutions for Identity & Access Management
Blockchain-based Solutions for Identity & Access ManagementBlockchain-based Solutions for Identity & Access Management
Blockchain-based Solutions for Identity & Access ManagementPrabath Siriwardena
 
An Efficient implementation of PKI architecture based Digital Signature using...
An Efficient implementation of PKI architecture based Digital Signature using...An Efficient implementation of PKI architecture based Digital Signature using...
An Efficient implementation of PKI architecture based Digital Signature using...IOSR Journals
 
Baasid whitepaper_v2.9.8_en
Baasid whitepaper_v2.9.8_enBaasid whitepaper_v2.9.8_en
Baasid whitepaper_v2.9.8_enBaaSid, Blockchain as a Service for ID
 
Cupa pres a_2
Cupa pres a_2Cupa pres a_2
Cupa pres a_2Mohammad Yasar
 
Decrypting Insurance Broking through Blockchain
Decrypting Insurance Broking through BlockchainDecrypting Insurance Broking through Blockchain
Decrypting Insurance Broking through BlockchainCognizant
 

Recomendados

Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)Avirot Mitamura
 
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19Andrew Hughes
 
Kantara trust frameworks 2016 05-08
Kantara trust frameworks 2016 05-08Kantara trust frameworks 2016 05-08
Kantara trust frameworks 2016 05-08Andrew Hughes
 
Blockchain-based Solutions for Identity & Access Management
Blockchain-based Solutions for Identity & Access ManagementBlockchain-based Solutions for Identity & Access Management
Blockchain-based Solutions for Identity & Access ManagementPrabath Siriwardena
 
An Efficient implementation of PKI architecture based Digital Signature using...
An Efficient implementation of PKI architecture based Digital Signature using...An Efficient implementation of PKI architecture based Digital Signature using...
An Efficient implementation of PKI architecture based Digital Signature using...IOSR Journals
 
Baasid whitepaper_v2.9.8_en
Baasid whitepaper_v2.9.8_enBaasid whitepaper_v2.9.8_en
Baasid whitepaper_v2.9.8_enBaaSid, Blockchain as a Service for ID
 
Cupa pres a_2
Cupa pres a_2Cupa pres a_2
Cupa pres a_2Mohammad Yasar
 
Decrypting Insurance Broking through Blockchain
Decrypting Insurance Broking through BlockchainDecrypting Insurance Broking through Blockchain
Decrypting Insurance Broking through BlockchainCognizant
 
Blockchain in HR
Blockchain in HRBlockchain in HR
Blockchain in HREdward Lange
 
HR Blockchain User Experience
HR Blockchain User ExperienceHR Blockchain User Experience
HR Blockchain User ExperienceJohn Macy (FAHRILife)
 
How Blockchain Can Reinvigorate Facultative Reinsurance Contract Management
How Blockchain Can Reinvigorate Facultative Reinsurance Contract ManagementHow Blockchain Can Reinvigorate Facultative Reinsurance Contract Management
How Blockchain Can Reinvigorate Facultative Reinsurance Contract ManagementCognizant
 
IRJET- Estimation of a Good Fit with Blockchain and Identity and Access Manag...
IRJET- Estimation of a Good Fit with Blockchain and Identity and Access Manag...IRJET- Estimation of a Good Fit with Blockchain and Identity and Access Manag...
IRJET- Estimation of a Good Fit with Blockchain and Identity and Access Manag...IRJET Journal
 
Crypto Valley Conference 2019 - CULedger
Crypto Valley Conference 2019 - CULedgerCrypto Valley Conference 2019 - CULedger
Crypto Valley Conference 2019 - CULedgerDarrell O'Donnell
 
Blockchain: the trust fabric for next generation digital identity management
Blockchain: the trust fabric for next generation digital identity managementBlockchain: the trust fabric for next generation digital identity management
Blockchain: the trust fabric for next generation digital identity managementEY
 
Mature Digital Trust Infrastructure - Are we there yet?
Mature Digital Trust Infrastructure - Are we there yet?Mature Digital Trust Infrastructure - Are we there yet?
Mature Digital Trust Infrastructure - Are we there yet?sorenpeter
 
The Hong Kong Public Key Infrastruture 2010
The Hong Kong Public Key Infrastruture 2010The Hong Kong Public Key Infrastruture 2010
The Hong Kong Public Key Infrastruture 2010SC Leung
 
Exploring the Possibilities of Blockchain in Healthcare
Exploring the Possibilities of Blockchain in HealthcareExploring the Possibilities of Blockchain in Healthcare
Exploring the Possibilities of Blockchain in HealthcareIonixx Technologies Inc.
 
Kantara - Consent & Information Sharing WG Update
Kantara - Consent & Information Sharing WG UpdateKantara - Consent & Information Sharing WG Update
Kantara - Consent & Information Sharing WG Updatekantarainitiative
 
Identity in the Internet Age
Identity in the Internet Age Identity in the Internet Age
Identity in the Internet Age Cartesian (formerly CSMG)
 
Investigation of Blockchain Based Identity System for Privacy Preserving Univ...
Investigation of Blockchain Based Identity System for Privacy Preserving Univ...Investigation of Blockchain Based Identity System for Privacy Preserving Univ...
Investigation of Blockchain Based Identity System for Privacy Preserving Univ...ijtsrd
 
Smedinghoff Identity Management: Who's Signing?
Smedinghoff Identity Management: Who's Signing?Smedinghoff Identity Management: Who's Signing?
Smedinghoff Identity Management: Who's Signing?Electronic Signature & Records Association
 
Trust Frameworks Explained
Trust Frameworks ExplainedTrust Frameworks Explained
Trust Frameworks Explainedkantarainitiative
 
Introduction to Mydex CIC Personal Data Stores - 7th March 2013
Introduction to Mydex CIC Personal Data Stores - 7th March 2013Introduction to Mydex CIC Personal Data Stores - 7th March 2013
Introduction to Mydex CIC Personal Data Stores - 7th March 2013Mydex CIC
 
Linkedin.Deck
Linkedin.DeckLinkedin.Deck
Linkedin.Deckbepker
 
Blockchain for Accounting & Assurance
Blockchain for Accounting & AssuranceBlockchain for Accounting & Assurance
Blockchain for Accounting & AssuranceEryk Budi Pratama
 
BeingSign blockchain-based online signing system|Introduction
BeingSign blockchain-based online signing system|IntroductionBeingSign blockchain-based online signing system|Introduction
BeingSign blockchain-based online signing system|IntroductionBeingSign|區塊鏈線上簽署系統
 
Managing identity for the future how everybody can win - david alexander - ...
Managing identity for the future how everybody can win - david alexander - ...Managing identity for the future how everybody can win - david alexander - ...
Managing identity for the future how everybody can win - david alexander - ...Mydex CIC
 
Blockchain in Banking Industry
Blockchain in Banking IndustryBlockchain in Banking Industry
Blockchain in Banking IndustryHigh Beam Global
 
Why eSignatures are Imperative for Data Security.pdf
Why eSignatures are Imperative for Data Security.pdfWhy eSignatures are Imperative for Data Security.pdf
Why eSignatures are Imperative for Data Security.pdfDrysign By Exela
 
KYC Blockchain in Insurance Industry
KYC Blockchain in Insurance IndustryKYC Blockchain in Insurance Industry
KYC Blockchain in Insurance IndustryNitin Patidar
 

Más contenido relacionado

La actualidad más candente

How Blockchain Can Reinvigorate Facultative Reinsurance Contract Management
How Blockchain Can Reinvigorate Facultative Reinsurance Contract ManagementHow Blockchain Can Reinvigorate Facultative Reinsurance Contract Management
How Blockchain Can Reinvigorate Facultative Reinsurance Contract ManagementCognizant
 
IRJET- Estimation of a Good Fit with Blockchain and Identity and Access Manag...
IRJET- Estimation of a Good Fit with Blockchain and Identity and Access Manag...IRJET- Estimation of a Good Fit with Blockchain and Identity and Access Manag...
IRJET- Estimation of a Good Fit with Blockchain and Identity and Access Manag...IRJET Journal
 
Crypto Valley Conference 2019 - CULedger
Crypto Valley Conference 2019 - CULedgerCrypto Valley Conference 2019 - CULedger
Crypto Valley Conference 2019 - CULedgerDarrell O'Donnell
 
Blockchain: the trust fabric for next generation digital identity management
Blockchain: the trust fabric for next generation digital identity managementBlockchain: the trust fabric for next generation digital identity management
Blockchain: the trust fabric for next generation digital identity managementEY
 
Mature Digital Trust Infrastructure - Are we there yet?
Mature Digital Trust Infrastructure - Are we there yet?Mature Digital Trust Infrastructure - Are we there yet?
Mature Digital Trust Infrastructure - Are we there yet?sorenpeter
 
The Hong Kong Public Key Infrastruture 2010
The Hong Kong Public Key Infrastruture 2010The Hong Kong Public Key Infrastruture 2010
The Hong Kong Public Key Infrastruture 2010SC Leung
 
Exploring the Possibilities of Blockchain in Healthcare
Exploring the Possibilities of Blockchain in HealthcareExploring the Possibilities of Blockchain in Healthcare
Exploring the Possibilities of Blockchain in HealthcareIonixx Technologies Inc.
 
Kantara - Consent & Information Sharing WG Update
Kantara - Consent & Information Sharing WG UpdateKantara - Consent & Information Sharing WG Update
Kantara - Consent & Information Sharing WG Updatekantarainitiative
 
Investigation of Blockchain Based Identity System for Privacy Preserving Univ...
Investigation of Blockchain Based Identity System for Privacy Preserving Univ...Investigation of Blockchain Based Identity System for Privacy Preserving Univ...
Investigation of Blockchain Based Identity System for Privacy Preserving Univ...ijtsrd
 
Introduction to Mydex CIC Personal Data Stores - 7th March 2013
Introduction to Mydex CIC Personal Data Stores - 7th March 2013Introduction to Mydex CIC Personal Data Stores - 7th March 2013
Introduction to Mydex CIC Personal Data Stores - 7th March 2013Mydex CIC
 
Linkedin.Deck
Linkedin.DeckLinkedin.Deck
Linkedin.Deckbepker
 
Blockchain for Accounting & Assurance
Blockchain for Accounting & AssuranceBlockchain for Accounting & Assurance
Blockchain for Accounting & AssuranceEryk Budi Pratama
 
Managing identity for the future how everybody can win - david alexander - ...
Managing identity for the future how everybody can win - david alexander - ...Managing identity for the future how everybody can win - david alexander - ...
Managing identity for the future how everybody can win - david alexander - ...Mydex CIC
 
Blockchain in Banking Industry
Blockchain in Banking IndustryBlockchain in Banking Industry
Blockchain in Banking IndustryHigh Beam Global
 

La actualidad más candente (20)

Blockchain in HR
Blockchain in HRBlockchain in HR
Blockchain in HR
 
HR Blockchain User Experience
HR Blockchain User ExperienceHR Blockchain User Experience
HR Blockchain User Experience
 
How Blockchain Can Reinvigorate Facultative Reinsurance Contract Management
How Blockchain Can Reinvigorate Facultative Reinsurance Contract ManagementHow Blockchain Can Reinvigorate Facultative Reinsurance Contract Management
How Blockchain Can Reinvigorate Facultative Reinsurance Contract Management
 
IRJET- Estimation of a Good Fit with Blockchain and Identity and Access Manag...
IRJET- Estimation of a Good Fit with Blockchain and Identity and Access Manag...IRJET- Estimation of a Good Fit with Blockchain and Identity and Access Manag...
IRJET- Estimation of a Good Fit with Blockchain and Identity and Access Manag...
 
Crypto Valley Conference 2019 - CULedger
Crypto Valley Conference 2019 - CULedgerCrypto Valley Conference 2019 - CULedger
Crypto Valley Conference 2019 - CULedger
 
Blockchain: the trust fabric for next generation digital identity management
Blockchain: the trust fabric for next generation digital identity managementBlockchain: the trust fabric for next generation digital identity management
Blockchain: the trust fabric for next generation digital identity management
 
Mature Digital Trust Infrastructure - Are we there yet?
Mature Digital Trust Infrastructure - Are we there yet?Mature Digital Trust Infrastructure - Are we there yet?
Mature Digital Trust Infrastructure - Are we there yet?
 
The Hong Kong Public Key Infrastruture 2010
The Hong Kong Public Key Infrastruture 2010The Hong Kong Public Key Infrastruture 2010
The Hong Kong Public Key Infrastruture 2010
 
Exploring the Possibilities of Blockchain in Healthcare
Exploring the Possibilities of Blockchain in HealthcareExploring the Possibilities of Blockchain in Healthcare
Exploring the Possibilities of Blockchain in Healthcare
 
Kantara - Consent & Information Sharing WG Update
Kantara - Consent & Information Sharing WG UpdateKantara - Consent & Information Sharing WG Update
Kantara - Consent & Information Sharing WG Update
 
Identity in the Internet Age
Identity in the Internet Age Identity in the Internet Age
Identity in the Internet Age
 
Investigation of Blockchain Based Identity System for Privacy Preserving Univ...
Investigation of Blockchain Based Identity System for Privacy Preserving Univ...Investigation of Blockchain Based Identity System for Privacy Preserving Univ...
Investigation of Blockchain Based Identity System for Privacy Preserving Univ...
 
Smedinghoff Identity Management: Who's Signing?
Smedinghoff Identity Management: Who's Signing?Smedinghoff Identity Management: Who's Signing?
Smedinghoff Identity Management: Who's Signing?
 
Trust Frameworks Explained
Trust Frameworks ExplainedTrust Frameworks Explained
Trust Frameworks Explained
 
Introduction to Mydex CIC Personal Data Stores - 7th March 2013
Introduction to Mydex CIC Personal Data Stores - 7th March 2013Introduction to Mydex CIC Personal Data Stores - 7th March 2013
Introduction to Mydex CIC Personal Data Stores - 7th March 2013
 
Linkedin.Deck
Linkedin.DeckLinkedin.Deck
Linkedin.Deck
 
Blockchain for Accounting & Assurance
Blockchain for Accounting & AssuranceBlockchain for Accounting & Assurance
Blockchain for Accounting & Assurance
 
BeingSign blockchain-based online signing system|Introduction
BeingSign blockchain-based online signing system|IntroductionBeingSign blockchain-based online signing system|Introduction
BeingSign blockchain-based online signing system|Introduction
 
Managing identity for the future how everybody can win - david alexander - ...
Managing identity for the future how everybody can win - david alexander - ...Managing identity for the future how everybody can win - david alexander - ...
Managing identity for the future how everybody can win - david alexander - ...
 
Blockchain in Banking Industry
Blockchain in Banking IndustryBlockchain in Banking Industry
Blockchain in Banking Industry
 

Similar a E- and M-Business Trust Advances Through Digital Authentication

Why eSignatures are Imperative for Data Security.pdf
Why eSignatures are Imperative for Data Security.pdfWhy eSignatures are Imperative for Data Security.pdf
Why eSignatures are Imperative for Data Security.pdfDrysign By Exela
 
KYC Blockchain in Insurance Industry
KYC Blockchain in Insurance IndustryKYC Blockchain in Insurance Industry
KYC Blockchain in Insurance IndustryNitin Patidar
 
Development of Digital Identity Systems
Development of Digital Identity Systems Development of Digital Identity Systems
Development of Digital Identity Systems Maganathin Veeraragaloo
 
An Introduction to Authentication for Applications
An Introduction to Authentication for ApplicationsAn Introduction to Authentication for Applications
An Introduction to Authentication for ApplicationsUbisecure
 
Digital Signatures for E-tendering -DrySign by Exela
Digital Signatures for E-tendering -DrySign by ExelaDigital Signatures for E-tendering -DrySign by Exela
Digital Signatures for E-tendering -DrySign by ExelaDrysign By Exela
 
Think twice before you sign again!
Think twice before you sign again!Think twice before you sign again!
Think twice before you sign again!Process Fusion Inc
 
Strengthening Online Security with eSignatures.pdf
Strengthening Online Security with eSignatures.pdfStrengthening Online Security with eSignatures.pdf
Strengthening Online Security with eSignatures.pdfDrysign By Exela
 
Digital signatures whitepaper_thinkdox
Digital signatures whitepaper_thinkdoxDigital signatures whitepaper_thinkdox
Digital signatures whitepaper_thinkdoxChristopher Wynder
 
Impact of digital certificate in network security
Impact of digital certificate in network securityImpact of digital certificate in network security
Impact of digital certificate in network securityrhassan84
 
Impact of digital certificate in network security
Impact of digital certificate in network securityImpact of digital certificate in network security
Impact of digital certificate in network securityrhassan84
 
Benefits of Blockchain for Identity and Access Management - By Azgari Lipshy
Benefits of Blockchain for Identity and Access Management - By Azgari Lipshy Benefits of Blockchain for Identity and Access Management - By Azgari Lipshy
Benefits of Blockchain for Identity and Access Management - By Azgari Lipshy Azgari Lipshy
 
The Importance of Electronic Identities in the Digital Era
The Importance of Electronic Identities in the Digital EraThe Importance of Electronic Identities in the Digital Era
The Importance of Electronic Identities in the Digital EraDrysign By Exela
 
Blockchains Impact on Identity Management.pdf
Blockchains Impact on Identity Management.pdfBlockchains Impact on Identity Management.pdf
Blockchains Impact on Identity Management.pdfniahiggins21
 
Implementing Public-Key-Infrastructures
Implementing Public-Key-InfrastructuresImplementing Public-Key-Infrastructures
Implementing Public-Key-InfrastructuresOliver Pfaff
 
The ultimate guide to digital signatures
The ultimate guide to digital signaturesThe ultimate guide to digital signatures
The ultimate guide to digital signaturesCoSign by ARX
 
The Ultimate Guide to Digital Signatures
The Ultimate Guide to Digital SignaturesThe Ultimate Guide to Digital Signatures
The Ultimate Guide to Digital SignaturesTania Fuchs
 
Preventing Internet Fraud By Preventing Identity Theft
Preventing Internet Fraud By Preventing Identity TheftPreventing Internet Fraud By Preventing Identity Theft
Preventing Internet Fraud By Preventing Identity TheftDiane M. Metcalf
 

Similar a E- and M-Business Trust Advances Through Digital Authentication (20)

Why eSignatures are Imperative for Data Security.pdf
Why eSignatures are Imperative for Data Security.pdfWhy eSignatures are Imperative for Data Security.pdf
Why eSignatures are Imperative for Data Security.pdf
 
KYC Blockchain in Insurance Industry
KYC Blockchain in Insurance IndustryKYC Blockchain in Insurance Industry
KYC Blockchain in Insurance Industry
 
Development of Digital Identity Systems
Development of Digital Identity Systems Development of Digital Identity Systems
Development of Digital Identity Systems
 
An Introduction to Authentication for Applications
An Introduction to Authentication for ApplicationsAn Introduction to Authentication for Applications
An Introduction to Authentication for Applications
 
Digital Signatures for E-tendering -DrySign by Exela
Digital Signatures for E-tendering -DrySign by ExelaDigital Signatures for E-tendering -DrySign by Exela
Digital Signatures for E-tendering -DrySign by Exela
 
Think twice before you sign again!
Think twice before you sign again!Think twice before you sign again!
Think twice before you sign again!
 
Strengthening Online Security with eSignatures.pdf
Strengthening Online Security with eSignatures.pdfStrengthening Online Security with eSignatures.pdf
Strengthening Online Security with eSignatures.pdf
 
Digital signatures whitepaper_thinkdox
Digital signatures whitepaper_thinkdoxDigital signatures whitepaper_thinkdox
Digital signatures whitepaper_thinkdox
 
Impact of digital certificate in network security
Impact of digital certificate in network securityImpact of digital certificate in network security
Impact of digital certificate in network security
 
Impact of digital certificate in network security
Impact of digital certificate in network securityImpact of digital certificate in network security
Impact of digital certificate in network security
 
Benefits of Blockchain for Identity and Access Management - By Azgari Lipshy
Benefits of Blockchain for Identity and Access Management - By Azgari Lipshy Benefits of Blockchain for Identity and Access Management - By Azgari Lipshy
Benefits of Blockchain for Identity and Access Management - By Azgari Lipshy
 
Carrie Peter
Carrie PeterCarrie Peter
Carrie Peter
 
The Importance of Electronic Identities in the Digital Era
The Importance of Electronic Identities in the Digital EraThe Importance of Electronic Identities in the Digital Era
The Importance of Electronic Identities in the Digital Era
 
Dsc ppt
Dsc pptDsc ppt
Dsc ppt
 
Blockchains Impact on Identity Management.pdf
Blockchains Impact on Identity Management.pdfBlockchains Impact on Identity Management.pdf
Blockchains Impact on Identity Management.pdf
 
Implementing Public-Key-Infrastructures
Implementing Public-Key-InfrastructuresImplementing Public-Key-Infrastructures
Implementing Public-Key-Infrastructures
 
The ultimate guide to digital signatures
The ultimate guide to digital signaturesThe ultimate guide to digital signatures
The ultimate guide to digital signatures
 
The Ultimate Guide to Digital Signatures
The Ultimate Guide to Digital SignaturesThe Ultimate Guide to Digital Signatures
The Ultimate Guide to Digital Signatures
 
Protection on cyber fraud
Protection on cyber fraudProtection on cyber fraud
Protection on cyber fraud
 
Preventing Internet Fraud By Preventing Identity Theft
Preventing Internet Fraud By Preventing Identity TheftPreventing Internet Fraud By Preventing Identity Theft
Preventing Internet Fraud By Preventing Identity Theft
 

Más de Oliver Pfaff

Trends in IIoT and OT Security
Trends in IIoT and OT SecurityTrends in IIoT and OT Security
Trends in IIoT and OT SecurityOliver Pfaff
 
Web-of-Things and Services Security
Web-of-Things and Services SecurityWeb-of-Things and Services Security
Web-of-Things and Services SecurityOliver Pfaff
 
Deciphering 'Claims-based Identity'
Deciphering 'Claims-based Identity'Deciphering 'Claims-based Identity'
Deciphering 'Claims-based Identity'Oliver Pfaff
 
IT-Security@Contemporary Life
IT-Security@Contemporary LifeIT-Security@Contemporary Life
IT-Security@Contemporary LifeOliver Pfaff
 
New Trends in Web Security
New Trends in Web SecurityNew Trends in Web Security
New Trends in Web SecurityOliver Pfaff
 
OpenID Connect - An Emperor or Just New Cloths?
OpenID Connect - An Emperor or Just New Cloths?OpenID Connect - An Emperor or Just New Cloths?
OpenID Connect - An Emperor or Just New Cloths?Oliver Pfaff
 
Does REST Change the Game for IAM?
Does REST Change the Game for IAM?Does REST Change the Game for IAM?
Does REST Change the Game for IAM?Oliver Pfaff
 
Identifying How WAP Can Be Used For Secure mBusiness
Identifying How WAP Can Be Used For Secure mBusinessIdentifying How WAP Can Be Used For Secure mBusiness
Identifying How WAP Can Be Used For Secure mBusinessOliver Pfaff
 
Early Adopting Java WSIT-Experiences with Windows CardSpace
Early Adopting Java WSIT-Experiences with Windows CardSpaceEarly Adopting Java WSIT-Experiences with Windows CardSpace
Early Adopting Java WSIT-Experiences with Windows CardSpaceOliver Pfaff
 
Identity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric IdentityIdentity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric IdentityOliver Pfaff
 
State-of-the-Art in Web Services Federation
State-of-the-Art in Web Services FederationState-of-the-Art in Web Services Federation
State-of-the-Art in Web Services FederationOliver Pfaff
 
Unified Security Architectures for Web and WAP
Unified Security Architectures for Web and WAPUnified Security Architectures for Web and WAP
Unified Security Architectures for Web and WAPOliver Pfaff
 
Real-Time-Communications Security-How to Deploy Presence and Instant Messagin...
Real-Time-Communications Security-How to Deploy Presence and Instant Messagin...Real-Time-Communications Security-How to Deploy Presence and Instant Messagin...
Real-Time-Communications Security-How to Deploy Presence and Instant Messagin...Oliver Pfaff
 
Identity 2.0, Web services and SOA in Health Care
Identity 2.0, Web services and SOA in Health CareIdentity 2.0, Web services and SOA in Health Care
Identity 2.0, Web services and SOA in Health CareOliver Pfaff
 
SOA Security - So What?
SOA Security - So What?SOA Security - So What?
SOA Security - So What?Oliver Pfaff
 

Más de Oliver Pfaff (17)

Trends in IIoT and OT Security
Trends in IIoT and OT SecurityTrends in IIoT and OT Security
Trends in IIoT and OT Security
 
Web-of-Things and Services Security
Web-of-Things and Services SecurityWeb-of-Things and Services Security
Web-of-Things and Services Security
 
Deciphering 'Claims-based Identity'
Deciphering 'Claims-based Identity'Deciphering 'Claims-based Identity'
Deciphering 'Claims-based Identity'
 
IT-Security@Contemporary Life
IT-Security@Contemporary LifeIT-Security@Contemporary Life
IT-Security@Contemporary Life
 
OAuth Base Camp
OAuth Base CampOAuth Base Camp
OAuth Base Camp
 
New Trends in Web Security
New Trends in Web SecurityNew Trends in Web Security
New Trends in Web Security
 
OpenID Connect - An Emperor or Just New Cloths?
OpenID Connect - An Emperor or Just New Cloths?OpenID Connect - An Emperor or Just New Cloths?
OpenID Connect - An Emperor or Just New Cloths?
 
Does REST Change the Game for IAM?
Does REST Change the Game for IAM?Does REST Change the Game for IAM?
Does REST Change the Game for IAM?
 
Analyzing OAuth
Analyzing OAuthAnalyzing OAuth
Analyzing OAuth
 
Identifying How WAP Can Be Used For Secure mBusiness
Identifying How WAP Can Be Used For Secure mBusinessIdentifying How WAP Can Be Used For Secure mBusiness
Identifying How WAP Can Be Used For Secure mBusiness
 
Early Adopting Java WSIT-Experiences with Windows CardSpace
Early Adopting Java WSIT-Experiences with Windows CardSpaceEarly Adopting Java WSIT-Experiences with Windows CardSpace
Early Adopting Java WSIT-Experiences with Windows CardSpace
 
Identity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric IdentityIdentity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric Identity
 
State-of-the-Art in Web Services Federation
State-of-the-Art in Web Services FederationState-of-the-Art in Web Services Federation
State-of-the-Art in Web Services Federation
 
Unified Security Architectures for Web and WAP
Unified Security Architectures for Web and WAPUnified Security Architectures for Web and WAP
Unified Security Architectures for Web and WAP
 
Real-Time-Communications Security-How to Deploy Presence and Instant Messagin...
Real-Time-Communications Security-How to Deploy Presence and Instant Messagin...Real-Time-Communications Security-How to Deploy Presence and Instant Messagin...
Real-Time-Communications Security-How to Deploy Presence and Instant Messagin...
 
Identity 2.0, Web services and SOA in Health Care
Identity 2.0, Web services and SOA in Health CareIdentity 2.0, Web services and SOA in Health Care
Identity 2.0, Web services and SOA in Health Care
 
SOA Security - So What?
SOA Security - So What?SOA Security - So What?
SOA Security - So What?
 

Último

SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 

Último (20)

SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 

E- and M-Business Trust Advances Through Digital Authentication

  • 1. Trust in E- and M-Business Advances Through IT-Security SACIS Conference 2002 Istanbul, March 19-20
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18. Authorization in the Web Environment: Common Architecture PSTN IP network PSTN Intranet Home, hotel ,... Office Mobile ... Target services Clients Internet connectivity External networks Internal networks Policy enforcement point Policy decision point Repository Policy administration point
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.