2020-020-Andrew Shikiar - FIDO Alliance - making Cybersecurity more secure
BrakeSec Education Podcast · Bryan Brake
Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Andrew Shikiar, executive director and CMO of the (Fast IDentity Online) FIDO Alliance.
What is FIDO?
" open industry association launched in February 2013 whose mission is to develop and promote authentication standards that help reduce the world's over-reliance on passwords. FIDO addresses the lack of interoperability among strong authentication devices and reduces the problems users face creating and remembering multiple usernames and passwords."
Did any one event precipitate creation of the FIDO alliance?
UAF= https://fidoalliance.org/specs/fido-uaf-v1.2-rd-20171128/fido-uaf-protocol-v1.2-rd-20171128.html
U2F = https://en.wikipedia.org/wiki/Universal_2nd_Factor (yubikeys, tokens)
https://landing.google.com/advancedprotection/
FIDO supports biometrics - https://www.biometricupdate.com/202002/how-fido-based-biometric-technology-clears-up-the-iot-authentication-mess
FIDO certified software and companies: https://fidoalliance.org/fido-certified-showcase/
IBM: https://www.ibm.com/blogs/sweeden/fido2-conformance-why-its-a-big-deal/ --
Digital Identity Guidelines: Authentication and Lifecycle Management - digital ID framework
NIST guidelines that FIDO meets: https://pages.nist.gov/800-63-3/sp800-63b.html#sec5
https://fidoalliance.org/certification/authenticator-certification-levels/
https://github.com/herrjemand/awesome-webauthn
https://fidoalliance.org/content/case-study/
https://loginwithfido.com/provider/
From a threat modeling perspective, how does '2fa' occur when the authenticating method and the browser are on the same device?
Consumer education initiative https://loginwithfido.com/
IoT Devices- https://fidoalliance.org/internet-of-things/
https://blog.techdesign.com/fido-authentication-to-secure-iot-devices/
For Developers: https://fidoalliance.org/developers/ or https://webauthn.io/ - dev information about WebAuthN
https://github.com/herrjemand/awesome-webauthn
https://fidoalliance.org/events/ - upcoming webinars for FIDO related topics
NTT DOCOMO introduces passwordless authentication for d ACCOUNT
https://groups.google.com/a/fidoalliance.org/forum/#!forum/fido-dev
Check out our Store on Teepub! https://brakesec.com/store
Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email [email protected]
#Brakesec Store!:https://www.teepublic.com/user/bdspodcast
#Spotify: https://brakesec.com/spotifyBDS #Pandora: https://pandora.app.link/p9AvwdTpT3
#RSS: https://brakesec.com/BrakesecRSS
#Youtube Channel: http://www.youtube.com/c/BDSPodcast
#iTunes Store Link: https://brakesec.com/BDSiTunes
#Google Play Store: https://brakesec.com/BDS-GooglePlay
Our main site: https://brakesec.com/bdswebsite
#iHeartRadio App: https://brakesec.com/iHeartBrakesec
#SoundCloud: https://brakesec.com/SoundcloudBrakesec
Comments, Questions, Feedback: [email protected]
Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon
https://brakesec.com/BDSPatreon
#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir
#Player.FM : https://brakesec.com/BDS-PlayerFM
#Stitcher Network: https://brakesec.com/BrakeSecStitcher
#TuneIn Radio App: https://brakesec.com/TuneInBrakesec