KEMBAR78
2FA Protocol Presentation | PPTX
AA
Uploaded byAkhil Agrawal
PPTX, PDF1,017 views

2FA Protocol Presentation

Two-factor authentication adds an extra layer of security beyond just a password. It works by providing a random code during service activation that the subscriber must then confirm by calling from their home phone line and providing the code. This helps verify that the subscriber is who they claim to be and is accessing the service from a trusted device. The system was implemented using technologies like Java, MySQL and Dialogic to allow two-factor authentication for any voice applications like Phone2Go. It includes REST and SIP modules with a layered architecture and uses cases like validating codes within the time limit or for incorrect codes.

Downloaded 18 times
Two-Factor Authentication - Akhil Agrawal Purdue University
Why is it required? • Legacy Authentication & Authorization alone are not enough • Passwords alone are not enough • No way to verify the end user is our real subscriber • No way to verify the end user is bound to his/her account services
How does it work? • During any service/application activation, a random code (Passcode) will be provided • Subscriber should call from home line and provide Passcode • Subscriber account, home line Passcode will be verified • Service/Application will be activated
What applications will use it? • Any application on voice platform • Phone2Go will be able to use it immediately
Different Approaches • Place a call to Subscriber’s home phone, collect the Passcode & Verify • Subscriber will place a call to a dedicated line from home phone, collect the Passcode & Verify • Ask Subscriber to place a call to dedicated line from home phone with in short duration
Technologies Used • Java • MySQL • Dialogic
Architecture
Implementation - Overview
Database – Physical Model Column Name Data Type Default Value Description ID UNSIGNED BIG INT NOT NULL PRIMARY KEY AUTO INCREMENT Primary Key. TN INT NULL User's Landline TN. ApplicationId VARCHAR(25) NULL Name of the Application. ActivationKey VARCHAR(25) NULL Special parameters required by respective external client. MacAddress VARCHAR(25) NULL Mac Address of device. Token INT NULL 6 digit code generated for 2FA. DateAndTime DATETIME NOT NULL Default now() Date and Time when the code was created. 2FAStatus VARCHAR(10) NULL Shows the status of the 2 Factor Authentication. Will accept only init and success as values.
REST Module - Layered Architecture
REST Module Sequence Diagram
SIP Module - Layered Architecture
Use Cases • User making the call and entering the correct code with no errors. • User making the call without initiating the 2 Factor Authentication Request. • User making the call after the set time limit. • User entering the incorrect code.
SIP Module Sequence Design
No Initiated 2FA Request
User Called After Time Limit
User Entered Incorrect Auth Code
Mentors • Mr. Naresh Dhiman – Architect and Design of the solution. • Mr. Thirumal Ramachandruni, Mr. Umashankar Somasundaram – Java development. • Mr. Mathivanan Manickam – Integration with Media Server.
Conclusion • Completing this project for my internship has been a learning and enjoyable experience. • I really hope my project helps add a layer of security to the existing and upcoming voice applications.

More Related Content

PPTX
Going Passwordless with Microsoft
byFIDO Alliance
 
PPTX
Two factor authentication 2018
byWill Adams
 
PDF
Secure Your Encryption with HSM
byNarudom Roongsiriwong, CISSP
 
PPTX
Seminar-Two Factor Authentication
byDilip Kr. Jangir
 
PPTX
Access management
byVenkatesh Jambulingam
 
PPT
Cyber Security and Cyber Awareness
byJay Nagar
 
PDF
Cyber security awareness presentation nepal
byICT Frame Magazine Pvt. Ltd.
 
PDF
Two factor authentication
byHai Nguyen
 
Going Passwordless with Microsoft
byFIDO Alliance
 
Two factor authentication 2018
byWill Adams
 
Secure Your Encryption with HSM
byNarudom Roongsiriwong, CISSP
 
Seminar-Two Factor Authentication
byDilip Kr. Jangir
 
Access management
byVenkatesh Jambulingam
 
Cyber Security and Cyber Awareness
byJay Nagar
 
Cyber security awareness presentation nepal
byICT Frame Magazine Pvt. Ltd.
 
Two factor authentication
byHai Nguyen
 

What's hot

PPTX
Two factor authentication presentation mcit
bymmubashirkhan
 
PPTX
Security Testing for IoT Systems
bySecurity Innovation
 
PPT
Email Security and Awareness
bySanjiv Arora
 
PPT
Mobile Payment fraud & risk assessment
byStefano Maria De' Rossi
 
PPTX
Cryptocurrency - Digital Currency
bySameer Satyam
 
PDF
Social engineering attacks
byRamiro Cid
 
PDF
Security in IoT
bySKS
 
PPTX
Cybersecurity Awareness Session by Adam
byMohammed Adam
 
PPT
Smart card
bySaumya Ranjan Behura
 
PPTX
Security in IoT
bygr9293
 
PPTX
Modern SOC Trends 2020
byAnton Chuvakin
 
PPT
General Awareness On Cyber Security
byDominic Rajesh
 
PPTX
Blockchain and Cybersecurity
bygppcpa
 
PDF
Encryption and Key Distribution Methods
byGulcin Yildirim Jelinek
 
PDF
2019 FIDO Tokyo Seminar - LINE PayへのFIDO2実装
byFIDO Alliance
 
PDF
IOT Security
bySylvain Martinez
 
PPTX
One Time Password - A two factor authentication system
bySwetha Kogatam
 
PDF
Password Management
byRick Chin
 
PPTX
Cyber Security Awareness Program.pptx
byDinesh582831
 
PPTX
Cyber Security 101: Training, awareness, strategies for small to medium sized...
byStephen Cobb
 
Two factor authentication presentation mcit
bymmubashirkhan
 
Security Testing for IoT Systems
bySecurity Innovation
 
Email Security and Awareness
bySanjiv Arora
 
Mobile Payment fraud & risk assessment
byStefano Maria De' Rossi
 
Cryptocurrency - Digital Currency
bySameer Satyam
 
Social engineering attacks
byRamiro Cid
 
Security in IoT
bySKS
 
Cybersecurity Awareness Session by Adam
byMohammed Adam
 
Smart card
bySaumya Ranjan Behura
 
Security in IoT
bygr9293
 
Modern SOC Trends 2020
byAnton Chuvakin
 
General Awareness On Cyber Security
byDominic Rajesh
 
Blockchain and Cybersecurity
bygppcpa
 
Encryption and Key Distribution Methods
byGulcin Yildirim Jelinek
 
2019 FIDO Tokyo Seminar - LINE PayへのFIDO2実装
byFIDO Alliance
 
IOT Security
bySylvain Martinez
 
One Time Password - A two factor authentication system
bySwetha Kogatam
 
Password Management
byRick Chin
 
Cyber Security Awareness Program.pptx
byDinesh582831
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
byStephen Cobb
 

Viewers also liked

PPT
9 password security
bydrewz lin
 
PDF
Two-factor Authentication
byPortalGuard dba PistolStar, Inc.
 
PDF
The Back to School Smartphone Guide
byLookout
 
PDF
Two Factor Authentication and You
byChris Stone
 
PDF
Two factor authentication with Laravel and Google Authenticator
byAllan Denot
 
PDF
3 Ways to Protect the Data in Your Apple Account
byLookout
 
9 password security
bydrewz lin
 
Two-factor Authentication
byPortalGuard dba PistolStar, Inc.
 
The Back to School Smartphone Guide
byLookout
 
Two Factor Authentication and You
byChris Stone
 
Two factor authentication with Laravel and Google Authenticator
byAllan Denot
 
3 Ways to Protect the Data in Your Apple Account
byLookout
 

Similar to 2FA Protocol Presentation

PPTX
CIS 2012 - Going Mobile with PingFederate and OAuth 2
byscotttomilson
 
PDF
Transecq ITA
bytransecq
 
DOC
87559489 auth
byhomeworkping4
 
PDF
New Trends in Web Security
byOliver Pfaff
 
PDF
APIsecure 2023 - OAuth, OIDC and protecting third-party credentials, Ed Olson...
byapidays
 
PPTX
Sxsw ppt voice-1
byDan Miller
 
PPTX
Presentation of website analytics in webi
byhemantshrivas2004
 
PDF
120 i143
byHai Nguyen
 
PDF
Nexmo presentation at TADHack
byAlan Quayle
 
PDF
Over the Air 2011 Security Workshop
byEricsson Labs
 
PPTX
Cloud Identity Management
byDamian T. Gordon
 
PDF
(2007) Case Study: Phone-based Voice Biometrics for Remote Authentication
byInternational Center for Biometric Research
 
PDF
Oauth Nightmares Abstract OAuth Nightmares
byNino Ho
 
PDF
How to 2FA-enable Open Source Applications
byAll Things Open
 
PPTX
Hardware Authentication
byCoder Tech
 
PPTX
Caller ID Android Application
bySmitakshi Sen
 
PPTX
FI-WARE OAUTH-XACML-based API Access Control - Overview (Part 1)
bycdanger
 
PPTX
OAuth 2.0 and Mobile Devices: Is that a token in your phone in your pocket or...
byBrian Campbell
 
PPTX
New Opportunities with Two Factor Authentication (2FA) - A How To
byAlan Percy
 
PDF
New Opportunities with Two Factor Authentication (2FA) - A How To
byTelcoBridges Inc.
 
CIS 2012 - Going Mobile with PingFederate and OAuth 2
byscotttomilson
 
Transecq ITA
bytransecq
 
87559489 auth
byhomeworkping4
 
New Trends in Web Security
byOliver Pfaff
 
APIsecure 2023 - OAuth, OIDC and protecting third-party credentials, Ed Olson...
byapidays
 
Sxsw ppt voice-1
byDan Miller
 
Presentation of website analytics in webi
byhemantshrivas2004
 
120 i143
byHai Nguyen
 
Nexmo presentation at TADHack
byAlan Quayle
 
Over the Air 2011 Security Workshop
byEricsson Labs
 
Cloud Identity Management
byDamian T. Gordon
 
(2007) Case Study: Phone-based Voice Biometrics for Remote Authentication
byInternational Center for Biometric Research
 
Oauth Nightmares Abstract OAuth Nightmares
byNino Ho
 
How to 2FA-enable Open Source Applications
byAll Things Open
 
Hardware Authentication
byCoder Tech
 
Caller ID Android Application
bySmitakshi Sen
 
FI-WARE OAUTH-XACML-based API Access Control - Overview (Part 1)
bycdanger
 
OAuth 2.0 and Mobile Devices: Is that a token in your phone in your pocket or...
byBrian Campbell
 
New Opportunities with Two Factor Authentication (2FA) - A How To
byAlan Percy
 
New Opportunities with Two Factor Authentication (2FA) - A How To
byTelcoBridges Inc.
 

2FA Protocol Presentation

  • 1.
  • 2.
    Why is itrequired? • Legacy Authentication & Authorization alone are not enough • Passwords alone are not enough • No way to verify the end user is our real subscriber • No way to verify the end user is bound to his/her account services
  • 4.
    How does itwork? • During any service/application activation, a random code (Passcode) will be provided • Subscriber should call from home line and provide Passcode • Subscriber account, home line Passcode will be verified • Service/Application will be activated
  • 5.
    What applications willuse it? • Any application on voice platform • Phone2Go will be able to use it immediately
  • 6.
    Different Approaches • Placea call to Subscriber’s home phone, collect the Passcode & Verify • Subscriber will place a call to a dedicated line from home phone, collect the Passcode & Verify • Ask Subscriber to place a call to dedicated line from home phone with in short duration
  • 7.
  • 8.
  • 9.
  • 10.
    Database – PhysicalModel Column Name Data Type Default Value Description ID UNSIGNED BIG INT NOT NULL PRIMARY KEY AUTO INCREMENT Primary Key. TN INT NULL User's Landline TN. ApplicationId VARCHAR(25) NULL Name of the Application. ActivationKey VARCHAR(25) NULL Special parameters required by respective external client. MacAddress VARCHAR(25) NULL Mac Address of device. Token INT NULL 6 digit code generated for 2FA. DateAndTime DATETIME NOT NULL Default now() Date and Time when the code was created. 2FAStatus VARCHAR(10) NULL Shows the status of the 2 Factor Authentication. Will accept only init and success as values.
  • 11.
    REST Module -Layered Architecture
  • 12.
  • 13.
    SIP Module -Layered Architecture
  • 14.
    Use Cases • Usermaking the call and entering the correct code with no errors. • User making the call without initiating the 2 Factor Authentication Request. • User making the call after the set time limit. • User entering the incorrect code.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
    Mentors • Mr. NareshDhiman – Architect and Design of the solution. • Mr. Thirumal Ramachandruni, Mr. Umashankar Somasundaram – Java development. • Mr. Mathivanan Manickam – Integration with Media Server.
  • 20.
    Conclusion • Completing thisproject for my internship has been a learning and enjoyable experience. • I really hope my project helps add a layer of security to the existing and upcoming voice applications.