Lockstep presenting at AusCERT 2007
[22 Jan 07] An all day tutorial on authentication at the annual AusCERT conference in May.
A Practical Guide to Authentication for Strategists and Policy Makers
See http://conference.auscert.org.au/conf2007 for details in coming weeks.
This interactive and practical workshop aims to help strategists, policy makers and regulators make best use of authentication technologies in Australia's technology neutral governance environment. Hot topics addressed include Federated ID, Internet banking security, phishing, smartcards, and the new “Man In The Middle” attack. The workshop will provide everything you really need to know in this challenging field, with a focus on marrying real business needs with technology and processes.
The workshop will furnish attendees with Actor Diagrams, risk based selection frameworks, and other practical analytical tools with which to understand their own authentication requirements, and to assist them to make robust decisions at the strategy, policy and architectural levels.
What do you really need to know about authentication?
— Understanding the needs: Access Control, Document Management, and Anti Fraud
— Options: two factor authentication, digital certificates, smartcards and biometrics
— Authentication risk management
— Identity fraud: skimming, phishing, identity theft, website spoofing
— The Man-In-The-Middle attack
— Two Factor Authentication: How it works, and how it is under attack
— Mutual Authentication
— Federated Identity
— Public Key Infrastructure and the Gatekeeper reforms
— The Australian Government Authentication Framework (AGAF)
— Smartcards and their application in banking and government services