NACCU Technology Research Committee...NACCU Technology Research Committee Barton Lawyer, John...
Transcript of NACCU Technology Research Committee...NACCU Technology Research Committee Barton Lawyer, John...
![Page 1: NACCU Technology Research Committee...NACCU Technology Research Committee Barton Lawyer, John Bonass, Greg Jonason, Ben Anderson, Jay Kohn 2018 Committee Members • Rozie Amos University](https://reader034.fdocuments.in/reader034/viewer/2022042917/5f5c3dbd70ea1662641bd122/html5/thumbnails/1.jpg)
NACCU Technology Research Committee
Barton Lawyer, John Bonass, Greg Jonason, Ben Anderson, Jay Kohn
![Page 2: NACCU Technology Research Committee...NACCU Technology Research Committee Barton Lawyer, John Bonass, Greg Jonason, Ben Anderson, Jay Kohn 2018 Committee Members • Rozie Amos University](https://reader034.fdocuments.in/reader034/viewer/2022042917/5f5c3dbd70ea1662641bd122/html5/thumbnails/2.jpg)
2018 Committee Members
• Rozie AmosUniversity of Calgary
• Ben AndersonTapingo
• John BonassVillanova University
• Myron EstersonTowson University
• Greg JonasonUniversity of Houston
• Jay KohnStanford University (Chair)
• Barton LawyerDuke University
• Dawn ThomasNACCU Staff Liaison
• Deric WaiteQuinnipiac University
• Richard WynnGeorgia Southern University (Board Liaison)
![Page 3: NACCU Technology Research Committee...NACCU Technology Research Committee Barton Lawyer, John Bonass, Greg Jonason, Ben Anderson, Jay Kohn 2018 Committee Members • Rozie Amos University](https://reader034.fdocuments.in/reader034/viewer/2022042917/5f5c3dbd70ea1662641bd122/html5/thumbnails/3.jpg)
What we focused on
• Card Program Highlights
Available online at NACCU
• Georgia Southern University (+ video)• University of Calgary (+ video)• Towson University (+ video)• Cuyahoga Community College• Duke University• Coming soon – University of Alberta
![Page 4: NACCU Technology Research Committee...NACCU Technology Research Committee Barton Lawyer, John Bonass, Greg Jonason, Ben Anderson, Jay Kohn 2018 Committee Members • Rozie Amos University](https://reader034.fdocuments.in/reader034/viewer/2022042917/5f5c3dbd70ea1662641bd122/html5/thumbnails/4.jpg)
What we focused on
Speedy Benchmark SurveysAvailable online at NACCU
• Operating Budgets: The Buying Power of NACCU members• Campus Card Office Online Accessibility• IT Support for the Campus Card Program• Preferred Names• Online Photo Submission• What would be of value to the NACCU Community?
• One question at a time preferred, no more than two• Able to ask series of questions to develop an idea
![Page 5: NACCU Technology Research Committee...NACCU Technology Research Committee Barton Lawyer, John Bonass, Greg Jonason, Ben Anderson, Jay Kohn 2018 Committee Members • Rozie Amos University](https://reader034.fdocuments.in/reader034/viewer/2022042917/5f5c3dbd70ea1662641bd122/html5/thumbnails/5.jpg)
Credential Vulnerabilities
NACCU listserve discussion: Card copying and secure credentials
Publically available technologies and services for cloning, spoofing, and forging student ID cards
Discussion of secure credential technologiesSeos (Bluetooth/NFC), EV1/Desfire (NFC), and Mobile
![Page 6: NACCU Technology Research Committee...NACCU Technology Research Committee Barton Lawyer, John Bonass, Greg Jonason, Ben Anderson, Jay Kohn 2018 Committee Members • Rozie Amos University](https://reader034.fdocuments.in/reader034/viewer/2022042917/5f5c3dbd70ea1662641bd122/html5/thumbnails/6.jpg)
Case Study‘Phantom’ Key Card Investigation
![Page 7: NACCU Technology Research Committee...NACCU Technology Research Committee Barton Lawyer, John Bonass, Greg Jonason, Ben Anderson, Jay Kohn 2018 Committee Members • Rozie Amos University](https://reader034.fdocuments.in/reader034/viewer/2022042917/5f5c3dbd70ea1662641bd122/html5/thumbnails/7.jpg)
Credential Vulnerabilities – Magnetic Stripe
![Page 8: NACCU Technology Research Committee...NACCU Technology Research Committee Barton Lawyer, John Bonass, Greg Jonason, Ben Anderson, Jay Kohn 2018 Committee Members • Rozie Amos University](https://reader034.fdocuments.in/reader034/viewer/2022042917/5f5c3dbd70ea1662641bd122/html5/thumbnails/8.jpg)
Credential Vulnerabilities – 125kHz Prox
![Page 9: NACCU Technology Research Committee...NACCU Technology Research Committee Barton Lawyer, John Bonass, Greg Jonason, Ben Anderson, Jay Kohn 2018 Committee Members • Rozie Amos University](https://reader034.fdocuments.in/reader034/viewer/2022042917/5f5c3dbd70ea1662641bd122/html5/thumbnails/9.jpg)
Credential Vulnerabilities – Legacy iCLASS
![Page 10: NACCU Technology Research Committee...NACCU Technology Research Committee Barton Lawyer, John Bonass, Greg Jonason, Ben Anderson, Jay Kohn 2018 Committee Members • Rozie Amos University](https://reader034.fdocuments.in/reader034/viewer/2022042917/5f5c3dbd70ea1662641bd122/html5/thumbnails/10.jpg)
Credential Vulnerabilities – MIFARE
![Page 11: NACCU Technology Research Committee...NACCU Technology Research Committee Barton Lawyer, John Bonass, Greg Jonason, Ben Anderson, Jay Kohn 2018 Committee Members • Rozie Amos University](https://reader034.fdocuments.in/reader034/viewer/2022042917/5f5c3dbd70ea1662641bd122/html5/thumbnails/11.jpg)
Credential Vulnerabilities – Kickstarter Chameleon
![Page 12: NACCU Technology Research Committee...NACCU Technology Research Committee Barton Lawyer, John Bonass, Greg Jonason, Ben Anderson, Jay Kohn 2018 Committee Members • Rozie Amos University](https://reader034.fdocuments.in/reader034/viewer/2022042917/5f5c3dbd70ea1662641bd122/html5/thumbnails/12.jpg)
Credential Vulnerabilities – Cloning Services
![Page 13: NACCU Technology Research Committee...NACCU Technology Research Committee Barton Lawyer, John Bonass, Greg Jonason, Ben Anderson, Jay Kohn 2018 Committee Members • Rozie Amos University](https://reader034.fdocuments.in/reader034/viewer/2022042917/5f5c3dbd70ea1662641bd122/html5/thumbnails/13.jpg)
Credential Vulnerabilities – Cloning Kiosks
![Page 14: NACCU Technology Research Committee...NACCU Technology Research Committee Barton Lawyer, John Bonass, Greg Jonason, Ben Anderson, Jay Kohn 2018 Committee Members • Rozie Amos University](https://reader034.fdocuments.in/reader034/viewer/2022042917/5f5c3dbd70ea1662641bd122/html5/thumbnails/14.jpg)
Common Mistakes on ‘Secure’ Credentials
• Reading insecure, unauthenticated Card Serial Number• Poor Key Management or Standard/Default keys • Unencrypted data payload• Credential number marked on the card• Open, untracked credential format• Reader configuration supporting secure credentials alongside legacy• Unencrypted communication from reader to panel
![Page 15: NACCU Technology Research Committee...NACCU Technology Research Committee Barton Lawyer, John Bonass, Greg Jonason, Ben Anderson, Jay Kohn 2018 Committee Members • Rozie Amos University](https://reader034.fdocuments.in/reader034/viewer/2022042917/5f5c3dbd70ea1662641bd122/html5/thumbnails/15.jpg)
Secure Credentials
Seos
Desfire/EV1
Mobile
![Page 16: NACCU Technology Research Committee...NACCU Technology Research Committee Barton Lawyer, John Bonass, Greg Jonason, Ben Anderson, Jay Kohn 2018 Committee Members • Rozie Amos University](https://reader034.fdocuments.in/reader034/viewer/2022042917/5f5c3dbd70ea1662641bd122/html5/thumbnails/16.jpg)
Discussion Questions
• What suggestions do you have for better interaction with the team?
• What suggestions do you have for the coming year?
![Page 17: NACCU Technology Research Committee...NACCU Technology Research Committee Barton Lawyer, John Bonass, Greg Jonason, Ben Anderson, Jay Kohn 2018 Committee Members • Rozie Amos University](https://reader034.fdocuments.in/reader034/viewer/2022042917/5f5c3dbd70ea1662641bd122/html5/thumbnails/17.jpg)
THANK YOU!