Date post: | 21-Jun-2015 |
Category: |
Technology |
Upload: | joe-mcdonald |
View: | 143 times |
Download: | 5 times |
WWPass Multi-Factor AuthenticationHow It Works
Joe McDonald July 2014Product Marketing [email protected]
User Visits WebsiteClicks On ‘Login with WWPass’
1. User Initiates Log On Using WWPass
I Want To Logon
WWPass Technology – How It WorksService Provider
WebsitePassKey
User
PassKeyUser
Service ProviderWebsite
x.509 Certificate
WWPass Technology – How It Works
1. User Initiates Log On Using WWPass2. Site Requests Authentication with WWPass
PassKeyUser
Service ProviderWebsite
WWPass Technology – How It Works
1. User Initiates Log On Using WWPass2. Site Requests Authentication with WWPass3. Site is Authenticated and a Unique One-time Session Ticket is Issued
Authenticated
Here’s your s
ession ticke
t:
Ticket: @
spfe:4567
PassKeyUser
Service ProviderWebsite
WWPass Technology – How It Works
1. User Initiates Log On Using WWPass2. Site Requests Authentication with WWPass3. Site is Authenticated and a Unique One-time Session Ticket is Issued4. Ticket with Service Provider ID (SPID) is Sent to the User
Website is valid. Here’s your session ticket:Ticket: srh123@spfe:4567
WWPass Technology – How It Works
1. User Initiates Log On Using WWPass2. Site Requests Authentication with WWPass3. Site is Authenticated and a Unique One-time Session Ticket is Issued4. Ticket with Service Provider ID (SPID) is Sent to the User5. User is Prompted to Present the PassKey
PassKeyUser
WWPass Technology – How It Works
1. User Initiates Log On Using WWPass2. Site Requests Authentication with WWPass3. Site is Authenticated and a Unique One-time Session Ticket is Issued4. Ticket with Service Provider ID (SPID) is Sent to the User5. User is Prompted to Present the PassKey6. User is Prompted for Consent to Authenticate
PassKeyUser
WWPass Technology – How It Works
1. User Initiates Log On Using WWPass2. Site Requests Authentication with WWPass3. Site is Authenticated and a Unique One-time Session Ticket is Issued4. Ticket with Service Provider ID (SPID) is Sent to the User5. User is Prompted to Present the PassKey6. User is Prompted for Consent to Authenticate7. User is Prompted to Enter Access Code
PassKeyUser
********
PassKeyUser
Service ProviderWebsite
WWPass Technology – How It Works
1. User Initiates Log On Using WWPass2. Site Requests Authentication with WWPass3. Site is Authenticated and a Unique One-time Session Ticket is Issued4. Ticket with Service Provider ID (SPID) is Sent to the User5. User is Prompted to Present the PassKey6. User is Prompted for Consent to Authenticate7. User is Prompted to Enter Access Code8. The User Authenticates with WWPass
PUID+AccessCode
Authenticated
Here’s Your Secrets
PassKeyUser
Service ProviderWebsite
WWPass Technology – How It Works
1. User Initiates Log On Using WWPass2. Site Requests Authentication with WWPass3. Site is Authenticated and a Unique One-time Session Ticket is Issued4. Ticket with Service Provider ID (SPID) is Sent to the User5. User is Prompted to Present the PassKey6. User is Prompted for Consent to Authenticate7. User is Prompted to Enter Access Code8. The User Authenticates with WWPass9. User Requests Location of Encrypted Data
Where Is The Data For
PUID+SessionTicket
Encrypted Data Location
PassKeyUser
Service ProviderWebsite
WWPass Technology – How It Works
1. User Initiates Log On Using WWPass2. Site Requests Authentication with WWPass3. Site is Authenticated and a Unique One-time Session Ticket is Issued4. Ticket with Service Provider ID (SPID) is Sent to the User5. User is Prompted to Present the PassKey6. User is Prompted for Consent to Authenticate7. User is Prompted to Enter Access Code8. The User Authenticates with WWPass9. User Requests Location of Encrypted Credential Data10. User Shares Location of Credential Data and Keys (for this Session Only)
Here’s The Secret Locations For Our DataYou Have My Permission To Read It
PassKeyUser
Service ProviderWebsite
WWPass Technology – How It Works
1. User Initiates Log On Using WWPass2. Site Requests Authentication with WWPass3. Site is Authenticated and a Unique One-time Session Ticket is Issued4. Ticket with Service Provider ID (SPID) is Sent to the User5. User is Prompted to Present the PassKey6. User is Prompted for Consent to Authenticate7. User is Prompted to Enter Access Code8. The User Authenticates with WWPass9. User Requests Location of Encrypted Credential Data10. User Shares Location of Credential Data and Keys (for this Session Only)11. Site Requests Credential Data from WWPass
Get Data From Secre
t
Locations
Encrypted, Fragmented, and Dispersed Data Retrieved
C 7
A
9
6
3
F
1
E5
2
B
WWPass Technology – How It Works
PassKeyUser
Service ProviderWebsite
WWPass Technology – How It Works
1. User Initiates Log On Using WWPass2. Site Requests Authentication with WWPass3. Site is Authenticated and a Unique One-time Session Ticket is Issued4. Ticket with Service Provider ID (SPID) is Sent to the User5. User is Prompted to Present the PassKey6. User is Prompted for Consent to Authenticate7. User is Prompted to Enter Access Code8. The User Authenticates with WWPass9. User Requests Location of Encrypted Credential Data10. User Shares Location of Credential Data and Keys (for this Session Only)11. Site Requests Credential Data from WWPass12. WWPass Provides Credential Data to Application
Here’s The Encry
pted Data
F7A5B3
User Is Securely Authenticated Access Is Granted