The document discusses the FIDO2 authentication process for creating and using passkeys across multiple devices. It describes creating a passkey for a banking app on Android, then signing into the same banking app on Windows and macOS using the passkey from Android. This involves scanning a QR code to link devices, performing user verification on each device, and having the passkey detected and stored locally on each new platform using the respective authentication method (Windows Hello, macOS, etc).
WebAuthn and Security Keys = Unlocking the key to authentication by John Fontana, Yubico on behalf of Christiaan Brand at Google
- Presented at FIDO Seoul Public Seminar on December 5th, 2018
WebAuthn - The End of the Password As We Know It? (Thomas Konrad)
WebAuthn has been around for some time now, and it has quite some potential to shape the future of authentication. In this Meetup, we'll explore how it works and walk through a sample implementation. Questions we'll answer in this Meetup:
- What is WebAuthn?
- How exactly does it work?
- How is WebAuthn better than traditional password authentication?
- How can I implement WebAuthn for my web application?
- Is WebAuthn multi-factor authentication?
- What are the weaknesses and practical pitfalls?
- What about user and public key enumeration?
- Is WebAuthn also usable for computer logins and on smartphones?
- Does it have the potential to supersede password authentication?
W3C - Web Authentication API by Korea ETRI (Electronics and Telecommunication Research Institute)
- Presented at FIDO Technical Seminar on July 16th, 2018
The slides from the talk I gave in Java.IL's Apr 2019 session.
These slides describe Keycloak, OAuth 2.0, OpenID and SparkBeyond's integration with Keycloak
New FIDO Specifications Overview - FIDO Alliance - Tokyo Seminar - Nadalin (FIDO Alliance)
FIDO 2.0 specifications are being developed to standardize strong web authentication across platforms. This includes a Web Authentication API submitted to W3C, key attestation and signature formats. A Client to Authenticator Protocol enables authentication using external devices over transports like USB, Bluetooth, and NFC. FIDO aims to accelerate adoption by providing authentication built into browsers, operating systems, and platforms.
Keycloak for Science Gateways - SGCI Technology Sampler Webinar (marcuschristie)
Using Keycloak to Provide Authentication, Authorization, and Identity Management Services for Your Gateway
Presentation to accompany blog post: https://sciencegateways.org/-/eds-tech-blog-using-keycloak-to-provide-authentication-authorization-and-identity-management-services-for-your-gateway
The document discusses the FIDO Alliance, which aims to address password problems and vulnerabilities by developing open authentication standards called FIDO. FIDO uses public key cryptography during authentication to securely verify users to online services from any device. The Alliance has over 250 members developing FIDO specifications and certification programs to advance adoption. Several large companies have implemented FIDO standards to strengthen authentication for their users and services.
FIDO Alliance Research: Consumer Attitudes Towards Authentication (FIDO Alliance)
The FIDO Alliance has launched a new microsite, LoginWithFIDO.com, for high level, non-technical information about FIDO for consumers and service providers. As part of this project, we wanted to learn more about consumer attitudes and habits around authentication. What are their password habits? What do they think about the FIDO approach? Do they want to see FIDO at login?
Implementing WebAuthn & FAPI supports on Keycloak (Yuichi Nakamura)
Keycloak supports WebAuthn and FAPI by implementing their features and passing conformance tests. Hitachi contributed WebAuthn support and worked with NRI to add FAPI compliance, addressing issues like supporting newer signature algorithms and the PKCE protocol. Further contributions are welcomed to resolve remaining FAPI test issues.
Verifiable Credentials, Self Sovereign Identity and DLTs (Vasiliy Suvorov)
My talk from Crypto Valley Conference 2018 on emerging standards in Self-Sovereign Identity, Technology behind it, Overview of implementations and how to use it with blockchain and DLT systems.
Securing a Web App with Passwordless Web Authentication (FIDO Alliance)
This document provides instructions for implementing passwordless authentication for a web application using WebAuthn and FIDO2 security keys. It describes setting up a sample Spring Boot web app with traditional username/password authentication and then enhancing it with passwordless authentication. The workshop is split into modules, with this module focusing on implementing the authentication REST endpoints and updating the UI to allow passwordless sign-in. It provides code examples and diagrams to explain how the authentication flow works when a user attempts to sign in using a previously registered security key.
This document discusses Yubico's implementation of the U2F and FIDO2 authentication protocols. It covers key topics like key generation during registration, signature generation during authentication using an application private key, and the use of attestation certificates to verify the authenticator. Resident keys, PIN support, and extensions are also mentioned as differences between U2F and FIDO2.
The Shift from Federated to Decentralized Identity (Evernym)
Up until recently, the majority of digital identity systems have been federated, where a small group of “identity providers” supply individuals with a digital identity that can be used to access other websites and services within the federation. Now we’re seeing the shift to decentralized identity solutions and open ecosystems based on verifiable credentials, where anyone can participate, issue, and verify.
In the first of a new series on digital identity and government, we invited leading experts from Accenture and Evernym to discuss the state of digital identity systems within the public sector and the reasons why government interest in decentralized models continues to increase.
We covered:
- The key differences between federated and decentralized identity systems
- An analysis of a few notable government-led projects, such as Aadhaar (India), Verify (UK), eIDAS (EU), and the Ontario Digital Identity Program (Canada)
- What decentralization means for portability, scalability, flexibility, and privacy
- How governments and commercial organizations can enhance existing federated identity systems with verifiable credentials
The document describes the FIDO2 specification which includes WebAuthn and CTAP. WebAuthn introduces a new JavaScript API for browser-based authentication and CTAP introduces a new API for platform-based authentication. It provides an overview of the registration and authentication flows including the use of public key credentials on servers to authenticate users. It also describes extensions, attestations, credential management and the goals of convenience and strong security in the FIDO standards.
Normalization of Security Key User Experience (FIDO Alliance)
This document discusses passwordless authentication using FIDO implementations. It provides a baseline study examining FIDO U2F deployments across different platforms and products. The study found a lack of consistent terminology, authentication methods, and browser support across services. Consistent user experiences are important for consumer adoption of passwordless authentication. The solution needs to be more convenient than passwords while providing security that consumers understand and value.
FIDO, Federation & Facebook Social Login (FIDO Alliance)
This presentation discusses FIDO U2F authentication and how it can strengthen federated login systems. It begins with an overview of FIDO U2F and its benefits for secure, scalable authentication. It then explains how FIDO U2F fits into an identity management model and describes its challenge-response authentication flow. The presentation outlines how FIDO U2F can extend its security benefits to federated logins through a relying party and how Facebook has integrated FIDO U2F support. It concludes by encouraging attendees to learn more about implementing FIDO and building a more secure authentication stack.
- The document summarizes a presentation given by Brett McDowell, Executive Director of the FIDO Alliance, about updates to the FIDO Alliance and passwordless authentication standards.
- It highlights growing issues with passwords like high costs of password resets for organizations and high rates of password-related data breaches and phishing attacks.
- The FIDO Alliance is working to solve the password problem through open authentication standards based on public key cryptography that eliminate the reliance on shared secrets and enable strong, phishing-resistant multi-factor authentication with a single gesture.
- New developments include FIDO specifications becoming ITU and W3C standards, a growing number of FIDO2 certified products
This document summarizes a presentation given by Anthony Nadalin from Microsoft on FIDO2 and Microsoft implementations. It discusses the FIDO standards including CTAP2 and WebAuthn, and how Microsoft supports these standards in Windows 10, Microsoft Edge, and Microsoft Accounts. It provides an overview of authentication interactions and the different entities involved, such as relying parties, clients, authenticators, and platforms.
Technical Principles of FIDO Authentication (FIDO Alliance)
The document discusses technical principles of FIDO authentication. It provides an overview of how FIDO works, including the FIDO ecosystem with authenticators, clients, servers and relying parties. It also summarizes the FIDO registration and authentication processes, which separate user verification from authentication through the use of public and private keys.
The Second Payment Services Directive (PSD2) and the associated Regulatory Technical Standards (RTS) on strong customer authentication and secure communication impose stringent requirements on multi-factor authentication and on the security of implementations. Payment Service Providers will want to know whether the authentication solutions they put in place conform to the RTS both in terms of functionality and security.
The FIDO Alliance standards are based on multi-factor authentication and are a strong fit for PSD2 compliance. The FIDO Alliance’s certification program provides an independent evaluation of functional compliance to the standards as well as of the achieved level of security of FIDO authenticators.
Featuring industry experts, this presentation explores how FIDO can resolve key issues, including:
• How the FIDO standards conform to the RTS
• How FIDO’s certification program guarantees this conformity
• How FIDO’s certification program provides for the mandatory security evaluation imposed by the RTS
FIDO Adoption and Market Trends in Japan (FIDO Alliance)
NTT DOCOMO has deployed FIDO UAF authentication for its "d ACCOUNT" system since 2015, allowing customers to login without passwords. This supports not only DOCOMO services but also partner services. The FIDO Japan working group was established in 2016 to help with communications for Japanese members and promote FIDO standards adoption in Japan. Major achievements include monthly meetings, translated documents, and increasing Japanese members from 11 to 25. Several banks have recently adopted FIDO authentication solutions from Japanese members. FIDO adoption in Japan is growing, especially in fintech, and the working group hopes to collaborate with other regional groups to deliver stronger authentication globally.
2019 FIDO Tokyo Seminar - Welcome Keynote Andrew Shikiar (FIDO Alliance)
The document summarizes a presentation by Andrew Shikiar on solving password problems. It discusses the FIDO Alliance's work in establishing open authentication standards using public key cryptography and single gestures as an alternative to passwords. It provides an overview of key developments in 2019, including growing platform support for FIDO2, expanded addressable user base, global market validation, and membership growth. It outlines new work areas like device and user verification to strengthen identity assurance and plans for future developer focus and the first FIDO conference.
WSO2 Guest Webinar: FIDO Universal Second Factor (U2F) for WSO2 Identity Server (WSO2)
To view recording of this webinar please use the below URL:
http://wso2.com/library/webinars/2015/12/fido-universal-second-factor-u2f-for-wso2-identity-server
In this webinar, WSO2, Yubico co-creator of U2F, and WSO2's premier integrator Yenlo explain the technology, discuss the use cases for strong authentication, and demonstrate the power and ease-of-use of the U2F security key. WSO2 will present the Authentication framework of WSO2 Identity server, Multi factor and Multi step authentication configuration and more.
In just over one year, the FIDO Certified Program has tested and certified more than 200 implementations of the FIDO specifications. There is strong interest and momentum in the market for FIDO Certified products — including FIDO’s new BLE certification, which for the first time brings FIDO technology to wearables and other emerging form factors.
These slides include information about:
- An overview of the program, including updates on newly available certification methodologies,
- Some of the latest and greatest FIDO Certified solutions on the marketplace, how products get started in the FIDO Certification process, and the benefits of deploying FIDO Certified authentication solutions.
Introduction to the FIDO Alliance: Vision & Status (FIDO Alliance)
This document summarizes the FIDO Alliance's vision and status. It discusses how authentication has become a major problem and how over 250 organizations are working together through the FIDO Alliance to solve this problem by developing open standards for simpler and stronger authentication using public key cryptography. The FIDO Alliance aims to deliver security, privacy, interoperability and usability through specifications such as FIDO UAF, FIDO U2F and the upcoming FIDO2/WebAuthn specifications. The Alliance has seen strong growth in functional certifications and aims to also offer security and biometric certifications to validate authenticator safety and accurate user identification.
“Your Security, More Simple.” by utilizing FIDO Authentication (LINE Corporation)
This document summarizes a presentation given by Koichi Moriyama of NTT DOCOMO on their deployment of FIDO authentication. It discusses how NTT DOCOMO implemented FIDO standards to enable passwordless login for their d ACCOUNT system using biometric authentication on supported devices. It provides details on the motivation, user experience, and security approach taken. It also discusses future goals of using mobile devices as the primary authentication method and creating a world without passwords.
NTT DOCOMO Deployment Case Study: Your Security, More Simple. (FIDO Alliance)
Koichi Moriyama of NTT DOCOMO gave a presentation on the company's deployment of FIDO standards for strong authentication. NTT DOCOMO launched FIDO-enabled authentication using biometric sensors on devices for logging into d ACCOUNT and making carrier billing payments in 2015. They have continued expanding FIDO support to more devices and services. The presentation covered NTT DOCOMO's motivation, deployment overview, integration of FIDO standards, and the security and architecture of their FIDO implementation.
Case study from NTT DOCOMO for UAF. Learn about how FIDO-enabled products using UAF have helped NTT DOCOMO reach their goals in achieving simple and secure authentication.
WSO2 Guest Webinar: FIDO Universal Second Factor (U2F) for WSO2 Identity Server (Yenlo)
Hackers and crackers are exposing the password as the Internet’s weakest security link. To combat these attacks, organizations need to ensure that access to online information is protected and restricted to authorized users, and diminish the reliance on passwords.
Join us as we detail a new security feature in WSO2 Identity Server (5.1.0) by enhancing account security with the FIDO Alliance’s U2F public key cryptography specification for strong authentication.
In this webinar, WSO2, Yubico co-creator of U2F, and WSO2’s premier integrator Yenlo explain the technology, discuss the use cases for strong authentication, and demonstrate the power and ease-of-use of the U2F security key. WSO2 will present the Authentication framework of WSO2 Identity server, Multi factor and Multi step authentication configuration and more.
See the recording of the WSO2 Identity Server webinar here: http://www.yenlo.com/en/web-wso2-identity-server-fido
6. Google Case Study
U2F YubiKey vs Google Authenticator
● 4x faster to login
● Significant fraud reduction
● Support reduced by 92%
● YubiKey mandatory for all Google staff and contractors
● Support for Google end users
8. U2F Entities
[Diagram: U2F Entities. User Side: U2F Authenticator (U2F Code, optional Secure Hardware, User Action) and FIDO Client/Browser (U2F JS API; USB (HID) API, NFC API, Bluetooth API), with Transport over USB (HID), NFC or Bluetooth. Relying Party: Web Application and U2F Library, with Public Keys + Key Handles + Attestation Certificates.]
24. FIDO U2F - Learn More
Get Started
● Read the specifications: fidoalliance.org/specifications/overview/
● Go through a MiniTwit U2F tutorial: MiniTwit training video
Implement
● Google reference code: github.com/google/u2f-ref-code
● Build your own U2F server: dev.yubi.co/U2F/libraries
● Use Yubico standalone U2F server: dev.yubi.co/u2fval
Test
● Yubico U2F demo server: demo.yubico.com/u2f
● Google U2F demo server: u2fdemo.appspot.com