Recently, the industry has been moving away from using passwords since it is known to be the main cause for many security breaches. One of the best Passwordless solutions right now is FIDO2 authentication (called WebAuthn). WebAuthn is based on PKI (Public Key Infrastructure) cryptography technology to be simple, convenient and secure, and proven to be the most effective against phishing attacks. However, as FIDO tries to satisfy conflicting issues such as privacy protection vs maximum security, some FIDO2 features need to be improved for enterprise deployment and use. For example, many enterprises dealing with sensitive data need to ensure the FIDO authenticator is under the enterprise’s total management. In this talk, we present several critical enterprise issues including (1) enterprise attestation, (2) secure firmware control, (3) extended ROE (Restricted Operation Environment) and (4) biometric template integrity monitoring, and our new FIDO authenticator provisioning solution from holistic security approach.
Stephen Oh is the founder and CEO of eWBM and TrustKey Solutions. eWBM is a fabless semiconductor company specialized in secure MCU (Microprocessor) and TrustKey provides passwordless login as well as revolutionary new IoT device provision solutions called Holistic Security Platform (HSP). eWBM’s secure MS500 is used for a variety of IoT and security applications including FIDO2 external authenticator for TrustKey Solutions, LoRa module, and Industrial IoT devices. Before founding eWBM in 2009, he was a vice president of Samsung Electronics, SLSI Business Unit, where his responsibility is AP (Application Processor) development and business. He was also involved with Gigabit Ethernet Standard (IEEE802.3ab) and ADSL standard (T1.413) while he was with National Semiconductor and Texas Instruments. He received his PhD/MSEE/BSEE from Purdue University.
[CPE Credits] You are eligible for CPE Credits. Download your Viewing Certificate from BrightTALK.