ก ก API Two-factor Authentication by Web Application API and J2ME. Software ก ก. : Two-factor Authentication, One Time Password, Packet Sniffer

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "ก ก API Two-factor Authentication by Web Application API and J2ME. Software ก ก. : Two-factor Authentication, One Time Password, Packet Sniffer"

Transcription

1 ก ก API J2ME Two-factor Authentication by Web Application API and J2ME Software 1 2 ก ก ก 41/20 ก : ก ก ก Username/Password ก Password ก ก User Knowledge ก ก ก ก ก ก Smart Card, RSA Secure ID Authentication User Possession ก Smart Card Reader RSA SecurID Tokens ก ก ก ก ก ก ก ก ก ก ก ก ก ก ก ก ก Web Application API J2ME Software ก ก ก Two Factor ก ก ก ก ก ก ก ก J2ME Web Application API Module ก Web server ก ก.Abstract Most of web applications rely on username/password to authenticate users. However, the password is an authentication factor by "user knowledge" that can be sniffed or leaked by many ways. Previous solutions to this problem (such as smart card or RSA Secure ID authentication) use "user possession" as the other factor. Yet, smart card readers and RSA secure tokens causes More cost to invest and more devices to carry. In this paper, we design, implement and test a web application API and J2ME software to enhance authentication to web application. The new solution is cheaper. It requires only to preload J2ME software into users' mobile phone and a web application API module into the web server : Two-factor Authentication, One Time Password, Packet Sniffer 1. ก [7] (Authentication Factor) 3 1) User Knowledge ก ก Username/Password, PIN Code 2) User Possession ก Smart Card, Secure Token, ก 3) User Attribute ก ก ก User Knowledge ก Username/Password ก Password ก ก ก ก ก ก ก ก ก Ethereal [1], Wireshark 812

2 [3] ก Username/Password ก Smart Card Authentication [4], RSA SecurID Authentication [5] One Time Password [9] ก ก ก ก ก ก ก ก ก ก ก ก ก ก ก กก (User Knowledge User Possession) ก ก ก User Knowledge ก Username/Password User Possession ก ก ก ก Module API ก Two Factor Authentication (TFA Module) ก J2ME ก Password Username/Password กก Password ก 1 ก ก ก ก ก ก 2 ก ก ก ก Smart Card Authentication, RSA SecurID Authentication One time Password 3 ก ก กก ก ก ก 2. ก 2.1 Smart Card Authentication [4] Smart Card Authentication ก ก User Possession ก Smart Card ก ก (Private Key) ก ก (Public Key Encryption) ก ก ก ก ก Smart Card ก Smart Card (Smart Reader) ก ก ก ก ก ก 1 1 ก Smart Card Authentication Smart Card Authentication ก Smart Card / ก Smart Reader Software 1,000-30,000 ก ก Smart Card Reader Smart Card ก ก Smart Card ก 2.2 RSA SecurID Authentication [9] RSA SecurID Authentication ก ก RSA ก ก User Possession RSA ก ก Secure Token ก ก ก ก ก Password ก ก RSA SecurID authentication 2 2 RSA SecurID authentication 813

3 RSA SecurID Authentication ก RSA SecurID (1) RSA ACE/Server (2) ก RSA SecurID Password Password ก ก ก RSA AEC/Server Password ก ก Password ก ก ก RSA SecurID Authentication ก AEC/Server RSA SecurID Token ก ก ก ก ก RSA SecurID Authentication ก ก Smart Card RSA SecurID ก Username/Password ก ก ก ก 2.3 Multi-factor Authentication [8] Multi-factor Authentication ก ก ก ก ก Knowledge Factor ก Possession Factor ก ก ก ก Multi-factor Authentication ก ก ก ก ก ก ก Password Web Application 2.4 One Time Password [9] One Time Password (OTP) ก ก ก ก ก Password ก OTP ก ก Password ก ก ก Login One Time Password Password User User Password Password ก ก Password 1 3. ก Username/Password ก ก ก Password ก ก Smart Card Authentication RSA SecurID Authentication ก ก ก ก ก ก ก 4. ก ก ก ก 1. Multi-factor Authentication Username/Password User Knowledge ก User Possession ก ก Module API Plug in ก ก Two-factor Authentication Module (TFA Module) ก J2ME User Possession ก TFA Module 2. ก ก User Possession ก Smart Card RSA SecurID Token ก ก ก ก ก J2ME ( ก ) 3. Cost ก Software Module ก ก J2ME ก ก 814

4 4. One Minute Password Password ก ก ก 1 ก ก Password ก Password 1 ก ก ก 4.1 ก Two-factor Authentication ก ก Two-factor Authentication ก 3 3 ก Two Factor Authentication ก 1. ก ก Server ก Client ก ก SSL [1] (Secure Socket Layer) ก ก ก 2. ก ก ก Password Password User Knowledge Password User Password ก ก Mobile Phone Password User กก ก J2ME Password ก ก User Password ก ก ก Password ก ก ก ก ก Password ก User 3. TFA Module API Module Plug in ก ก Two Factor Authentication Module API ก ก Password กก Ran ก J2ME 4. ก Mobile Phone Password J2ME Software User ก ก ก TFA Module Run Password ก User ก 5. ก Password 3 Password ก Mobile Phone Password ก Mobile Phone Password ก User Password ก ก ก Password ก ก TFA Module Password ก ก ก ก 6. User Password ก ก User Knowledge Mobile Phone Password ก ก ก ก Password User Knowledge ก Password Mobile Phone Password ก TFA Module ก ก Password J2ME User ก Login ก ก ก (Authorization) 4.2 ก Mobile Phone Password ก Mobile Phone Password J2ME Password ก ก ก TFA Module User ก ก Password 1. Organization Serial Number (OSN) Serial Number ก ก OSN ก Mobile Phone Password ก ก ก ก ก ก 815

5 2. Mobile Phone ID (MP ID) ID ก Mobile Phone MP ID ก Password ก ก ก OSN MP ID 3. Date/Time ก Password Password ก ก ก ก One Minute Password ก OSN ก MP ID ก Mobile Phone ก OSN MP ID ก ก Download ก J2ME ก ก ก ก 1 ก 64 th based On Function ก 1 ก Input Output ก ก Output ก ก ก 5 4 ก Mobile Phone Password ก! ก ก Mobile Phone Password 1 ก Input ก OSN, MPID, Date Time Input 240 Bit Bit ก Hash Function MD5 Bit Digest 128 Bit 3 Bit Digest 64 th based On Function ก Bit Digest(128 Bit) ก 22 ก (132 bit) Mobile Phone Password ก ก 64 th based On Function กก 5 Input Output 64 th based On Function 5. ก ก Run TFA Module ก Two-factor Authentication Module ก Import API ก Module ก ก Module ก Login ก 816

6 6 ก Login ก ก ก 5 ก Login ก ก MFT Module ก ก ก login ก 3 ก Server Username, Password Mobile Phone Password ก Login ก Server ก ก 7 ก ก ก J2ME ก 6 ก ก J2ME ก Mobile Phone Password ก ก ก ก ก ก ก Organization Serial Number (OSN ) Mobile Phone ID (MP ID) กก ก ก ก ก ก ก ก Password ก ก ก ก ก 1) Two-factor Authentication Username/Password User Knowledge ก User Possession ก TFA Module Password ก ก ก ก ก ก ก ก ก 2) Password ก 1 ก ก Password ก Password ก ก 1) User Possession ก ก กก ก J2ME ก MDT Module ก ก ก ก ก Smart Card Authentication RSA SeurID Authentication ก Smart Card RSA SeurID Token 2) ก Plug in TFA Module Server Password ก J2ME ก Module API ก Multi-factor Authentication ก ก Smart Card Smart Card RAS SecuID ACE Server 6. ก ก ก Knowledge Factor ก ก ก ก ก ก Possession Factor Possession Factor ก ก ก ก ก Possession Factor ก ก ก ก ก Password ก ก ก ก ก ก TFA Module API 817

7 ก Two Factor Authentication ก ก ก ก กก Two-factor Authentication ก ก 7. ก [1]. "Ethereal." Retrieved January 2009, fromhttp://www.ethereal.com/. [2]. "OpenSSL." Retrieved 13, 2009, from [3]. "Wireshark Released." Retrieved January 2009, fromhttp://www.wireshark.org/. [4] "Security token and smart card authentication." Retrieved January 2009, from id14_gci ,00.html. [5] Strong Two-Factor Authentication with RSA SecurID: 1-3. [6] Paul A, H. (2006). "Two-factor authentication a look behind the headlines." Network Security: [7] Simmom, G. J. (1998). "A Survey of Information Authentication." IEEE: [8] Tatum, M. "What is Multifactor Authentication?" Retrieved Janurary 2009, from [9] Tom Sheldon, B. S. M. (2001). "One-Time Password Authentication." Retrieved 13, 2009, from ml. 818

แนวปฏ บ ตท ด ส าหร บการควบค มความเส ยงของระบบงานเทคโนโลย สารสนเทศท สน บสน นธ รก จหล ก (IT Best Practices)

แนวปฏ บ ตท ด ส าหร บการควบค มความเส ยงของระบบงานเทคโนโลย สารสนเทศท สน บสน นธ รก จหล ก (IT Best Practices) แนวปฏ บ ต ท ด ส าหร บการควบค มความเส ยงของระบบงานเทคโนโลย สารสนเทศท สน บสน นธ รก จหล ก (IT Best Practices) ISO 27001 COSO COBIT แนวปฏ บ ตท ด ส าหร บการควบค มความเส ยงของระบบงานเทคโนโลย สารสนเทศท สน บสน

More information

The 7th National Conference on Computing and Information Technology. A Web-based Single Sign-on (SSO) using SAML 2.0

The 7th National Conference on Computing and Information Technology. A Web-based Single Sign-on (SSO) using SAML 2.0 ก ก ก SAML 2.0 A Web-based Single Sign-on (SSO) using SAML 2.0 (Tatchai Russameroj) 1 (Pornchai Mongkolnam) 2 ก ก ก (Kriengkrai Porkaew) 3 1, 2, 3 ก tum010@hotmail.com 1, pornchai@sit.kmutt.ac.th 2, porkaew@sit.kmutt.ac.th

More information

About the white paper: The pressure to demonstrate compliance with standards and regulations such as Sarbanes Oxley, HIPAA, PCI DSS and Basel II,

About the white paper: The pressure to demonstrate compliance with standards and regulations such as Sarbanes Oxley, HIPAA, PCI DSS and Basel II, TWO FACTOR AUTHENTICATION FOR THE IBM SYSTEM i WHITE PAPER MAY 2010 About the white paper: The pressure to demonstrate compliance with standards and regulations such as Sarbanes Oxley, HIPAA, PCI DSS and

More information

ค ม อการใช โปรแกรมร บ-ส งข อม ลอ เล กทรอน กส แบบท 1 ระหว างบร ษ ทประก นภ ยก บส าน กงาน คปภ. โดยว ธ การแบบปลอดภ ย แบบท 1 การร บ-ส งจดหมายโดยใช โปรแกรม MS Outlook Express 1.1 ว ธ ต ดต ง TOT ROOT CA Certificate

More information

Strong authentication of GUI sessions over Dedicated Links. ipmg Workshop on Connectivity 25 May 2012

Strong authentication of GUI sessions over Dedicated Links. ipmg Workshop on Connectivity 25 May 2012 Strong authentication of GUI sessions over Dedicated Links ipmg Workshop on Connectivity 25 May 2012 Agenda Security requirements The T2S U2A 2 Factor Authentication solution Additional investigation Terminal

More information

Replacing legacy twofactor. with YubiRADIUS for corporate remote access. How to Guide

Replacing legacy twofactor. with YubiRADIUS for corporate remote access. How to Guide Replacing legacy twofactor authentication with YubiRADIUS for corporate remote access How to Guide May 15, 2012 Introduction Disclaimer Yubico is the leading provider of simple, open online identity protection.

More information

Deployment Guide Mar-2016 rev. a. Integrating the Array Standalone Client with RSA Token Automation

Deployment Guide Mar-2016 rev. a. Integrating the Array Standalone Client with RSA Token Automation Deployment Guide Mar-2016 rev. a Integrating the Array Standalone Client with RSA Token Automation Table of Contents 1 Introduction... 2 2 Install the RSA SecurID Token Client... 3 3 Import the Token File

More information

RSA AUTHENTICATION AGENTS FOR MICROSOFT WINDOWS

RSA AUTHENTICATION AGENTS FOR MICROSOFT WINDOWS RSA AUTHENTICATION AGENTS FOR MICROSOFT WINDOWS Components Available with Each Version of RSA Agents for Microsoft Windows Agent Local Authentication Client RSA Authentication Agent 6.1.3 Remote Authentication

More information

Instructions for Using Secure Email. (SMail) via Outlook Web Access. with an RSA Token

Instructions for Using Secure Email. (SMail) via Outlook Web Access. with an RSA Token Instructions for Using Secure Email (SMail) via Outlook Web Access with an RSA Token Version 4 April 2010 Office of the Associate CIO for IT Support Services United States Department of Energy Requirements

More information

Workspot, Inc. RSA SecurID Ready Implementation Guide. Partner Information. Last Modified: September 16, 2013. Product Information Partner Name

Workspot, Inc. RSA SecurID Ready Implementation Guide. Partner Information. Last Modified: September 16, 2013. Product Information Partner Name RSA SecurID Ready Implementation Guide Partner Information Last Modified: September 16, 2013 Product Information Partner Name Web Site Product Name Version & Platform Product Description, Inc. workspot.com

More information

French Justice Portal. Authentication methods and technologies. Page n 1

French Justice Portal. Authentication methods and technologies. Page n 1 French Justice Portal Authentication methods and technologies n 1 Agenda Definitions Authentication methods Risks and threats Comparison Summary Conclusion Appendixes n 2 Identification and authentication

More information

Xerox DocuShare Security Features. Security White Paper

Xerox DocuShare Security Features. Security White Paper Xerox DocuShare Security Features Security White Paper Xerox DocuShare Security Features Businesses are increasingly concerned with protecting the security of their networks. Any application added to a

More information

BlackBerry Enterprise Server 5.0 SP3 and BlackBerry 7.1

BlackBerry Enterprise Server 5.0 SP3 and BlackBerry 7.1 BlackBerry Enterprise Server 5.0 SP3 and BlackBerry 7.1 Version: 5.0 Service Pack: 3 Security Technical Overview Published: 2012-01-17 SWD-1936256-0117012253-001 Contents 1 Document revision history...

More information

Protect Your Customers and Brands with Multichannel Two-Factor Authentication

Protect Your Customers and Brands with Multichannel Two-Factor Authentication SAP Brief Mobile Services from SAP SAP Authentication 365 Objectives Protect Your Customers and Brands with Multichannel Two-Factor Authentication Protecting your most valuable asset your customers Protecting

More information

CHECKLIST FOR THE MARKET SYSTEMS...

CHECKLIST FOR THE MARKET SYSTEMS... System Certification Guide For NEMS Systems Interfaces (Version 2.0) Page 1 of 16 Table of Contents 1 INTRODUCTION... 3 1.1 PURPOSE AND SCOPE... 3 2 CHECKLIST FOR THE MARKET SYSTEMS... 4 2.1 ACCESS TO

More information

How to integrate RSA ACE Server SecurID Authentication with Juniper Networks Secure Access SSL VPN (SA) with Single Node or Cluster (A/A or A/P)

How to integrate RSA ACE Server SecurID Authentication with Juniper Networks Secure Access SSL VPN (SA) with Single Node or Cluster (A/A or A/P) How to integrate RSA ACE Server SecurID Authentication with Juniper Networks Secure Access SSL VPN (SA) with Single Node or Cluster (A/A or A/P) Scenario # 1: Single Node or Standalone SA... 2 Scenario

More information

Lab 7. Answer. Figure 1

Lab 7. Answer. Figure 1 Lab 7 1. For each of the first 8 Ethernet frames, specify the source of the frame (client or server), determine the number of SSL records that are included in the frame, and list the SSL record types that

More information

Review Paper on Two Factor Authentication Using Mobile Phone (Android) ISSN 2319-9725

Review Paper on Two Factor Authentication Using Mobile Phone (Android) ISSN 2319-9725 Review Paper on Two Factor Authentication Using Mobile Phone (Android) ISSN 2319-9725 Rahul Kale Neha Gore Kavita Nilesh Jadhav Mr. Swapnil Shinde Bachelor s Degree program in Information Technology Engineering

More information

IMS Health Secure Outlook Web Access Portal. Quick Setup

IMS Health Secure Outlook Web Access Portal. Quick Setup IMS Health Secure Outlook Web Access Portal Purpose: This service has been developed to allow access to the IMS Health email system for staff that can not access the email system through VPN which is preferred

More information

Xerox DocuShare Private Cloud Service. Security White Paper

Xerox DocuShare Private Cloud Service. Security White Paper Xerox DocuShare Private Cloud Service Security White Paper Table of Contents Overview 3 Adherence to Proven Security Practices 3 Highly Secure Data Centers 4 Three-Tier Architecture 4 Security Layers Safeguard

More information

Allianz Global Investors Remote Access Guide

Allianz Global Investors Remote Access Guide Allianz Global Investors Remote Access Guide Web Address: http://remote.allianzgi-us.com/ Page 1 of 34 pages Please contact the Service Desk at Table of Contents 1. Introduction to the Remote Access Page

More information

RemotelyAnywhere. Security Considerations

RemotelyAnywhere. Security Considerations RemotelyAnywhere Security Considerations Table of Contents Introduction... 3 Microsoft Windows... 3 Default Configuration... 3 Unused Services... 3 Incoming Connections... 4 Default Port Numbers... 4 IP

More information

Enhancing Web Application Security

Enhancing Web Application Security Enhancing Web Application Security Using Another Authentication Factor Karen Lu and Asad Ali Gemalto, Inc. Technology & Innovations Austin, TX, USA Overview Introduction Current Statet Smart Cards Two-Factor

More information

YubiRADIUS Deployment Guide for corporate remote access. How to Guide

YubiRADIUS Deployment Guide for corporate remote access. How to Guide YubiRADIUS Deployment Guide for corporate remote access How to Guide May 15, 2012 Introduction Disclaimer Yubico is the leading provider of simple, open online identity protection. The company s flagship

More information

Copyright 2005-2007 MyPW LLC.

Copyright 2005-2007 MyPW LLC. Simple & Secure Authentication It's common knowledge that most people use the same or similar passwords wherever they have an online account. Because of this, it can only take one security breach for Identity

More information

OWA/2-Factor Authentication VPN FAQ. Outlook Web Access (OWA) QUESTIONS

OWA/2-Factor Authentication VPN FAQ. Outlook Web Access (OWA) QUESTIONS Outlook Web Access (OWA) QUESTIONS Q1. With OWA and ActiveSync going away, how does an employee/contractor access Outlook (email, calendar and contacts)? A1. An employee must use their government/contractor

More information

Two-Factor Authentication

Two-Factor Authentication Two-Factor Authentication This document describes SonicWALL s implementation of two-factor authentication for SonicWALL SSL-VPN appliances. This document contains the following sections: Feature Overview

More information

Quest Soft Token for Windows Phone User Guide

Quest Soft Token for Windows Phone User Guide Quest Soft Token for Windows Phone User Guide What is the Quest Soft Token for Windows Phone? The Quest Soft Token for Windows Phone is a two-factor authentication token that can be used with any OATH-compliant

More information

Authorize.net modules for oscommerce Online Merchant.

Authorize.net modules for oscommerce Online Merchant. Authorize.net Authorize.net modules for oscommerce Online Merchant. Chapters oscommerce Online Merchant v2.3 Copyright Copyright (c) 2014 oscommerce. All rights reserved. Content may be reproduced for

More information

Multifactor authentication systems Jiří Sobotka, Radek Doležel

Multifactor authentication systems Jiří Sobotka, Radek Doležel Multifactor authentication systems Jiří Sobotka, Radek Doležel Fakulta elektrotechniky a komunikačních technologií VUT v Brně Email: sobotkaj@feec.vutbr.cz Fakulta elektrotechniky a komunikačních technologií

More information

Strong Authentication for Secure VPN Access

Strong Authentication for Secure VPN Access Strong Authentication for Secure VPN Access Solving the Challenge of Simple and Secure Remote Access W H I T E P A P E R EXECUTIVE SUMMARY In today s competitive and efficiency-driven climate, organizations

More information

Cisco Secure ACS. By Igor Koudashev, Systems Engineer, Cisco Systems Australia ivk@cisco.com. 2006 Cisco Systems, Inc. All rights reserved.

Cisco Secure ACS. By Igor Koudashev, Systems Engineer, Cisco Systems Australia ivk@cisco.com. 2006 Cisco Systems, Inc. All rights reserved. Cisco Secure ACS Overview By Igor Koudashev, Systems Engineer, Cisco Systems Australia ivk@cisco.com 2006 Cisco Systems, Inc. All rights reserved. 1 Cisco Secure Access Control System Policy Control and

More information

Security Technical. Overview. BlackBerry Enterprise Server for Microsoft Exchange. Version: 5.0 Service Pack: 4

Security Technical. Overview. BlackBerry Enterprise Server for Microsoft Exchange. Version: 5.0 Service Pack: 4 BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 4 Security Technical Overview Published: 2014-01-17 SWD-20140117135425071 Contents 1 New in this release...10 2 Overview...

More information

7.1. Remote Access Connection

7.1. Remote Access Connection 7.1. Remote Access Connection When a client uses a dial up connection, it connects to the remote access server across the telephone system. Windows client and server operating systems use the Point to

More information

GoldKey Product Info. Do not leave your Information Assets at risk Read On... Detailed Product Catalogue for GoldKey

GoldKey Product Info. Do not leave your Information Assets at risk Read On... Detailed Product Catalogue for GoldKey GoldKey Product Info Detailed Product Catalogue for GoldKey Do not leave your Information Assets at risk Read On... GoldKey: Reinventing the Security Strategy The Changing Landscape of Data Security With

More information

Securing e-government Web Portal Access Using Enhanced Two Factor Authentication

Securing e-government Web Portal Access Using Enhanced Two Factor Authentication Securing e-government Web Portal Access Using Enhanced Two Factor Authentication Ahmed Arara 1, El-Bahlul Emhemed Fgee 2, and Hamdi Ahmed Jaber 3 Abstract This paper suggests an advanced two-factor authentication

More information

Lieberman Software. RSA SecurID Ready Implementation Guide. Account Reset Console. Partner Information. Last Modified: March 20 th, 2012

Lieberman Software. RSA SecurID Ready Implementation Guide. Account Reset Console. Partner Information. Last Modified: March 20 th, 2012 RSA SecurID Ready Implementation Guide Last Modified: March 20 th, 2012 Partner Information Product Information Partner Name Web Site Product Name Lieberman Software Corporation www.liebsoft.com Version

More information

RSA SecurID Software Token 1.3 for iphone and ipad Administrator s Guide

RSA SecurID Software Token 1.3 for iphone and ipad Administrator s Guide RSA SecurID Software Token 1.3 for iphone and ipad Administrator s Guide Contact Information See the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com Trademarks

More information

RSA SecurID Software Token 1.0 for Android Administrator s Guide

RSA SecurID Software Token 1.0 for Android Administrator s Guide RSA SecurID Software Token 1.0 for Android Administrator s Guide Contact Information See the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com Trademarks RSA,

More information

SharePlus Enterprise: Security White Paper

SharePlus Enterprise: Security White Paper INFRAGISTICS, INC. SharePlus Enterprise: Security White Paper Security Overview Anand Raja, Gustavo Degeronimi 6/29/2012 SharePlus ensures Enterprise data security by implementing and interoperating with

More information

Ultra-strong authentication to protect network access and assets

Ultra-strong authentication to protect network access and assets proven. trusted. Ultra-strong authentication to protect network access and assets ESET Secure Authentication provides powerful authentication to make remote access to the company network and sensitive

More information

The increasing popularity of mobile devices is rapidly changing how and where we

The increasing popularity of mobile devices is rapidly changing how and where we Mobile Security BACKGROUND The increasing popularity of mobile devices is rapidly changing how and where we consume business related content. Mobile workforce expectations are forcing organizations to

More information

White Paper. The risks of authenticating with digital certificates exposed

White Paper. The risks of authenticating with digital certificates exposed White Paper The risks of authenticating with digital certificates exposed Table of contents Introduction... 2 What is remote access?... 2 Authentication with client side digital certificates... 2 Asymmetric

More information

ZyWALL OTPv2 Support Notes

ZyWALL OTPv2 Support Notes ZyWALL OTPv2 Support Notes Revision 1.00 September, 2010 Written by CSO Table of Contents 1. Introduction... 3 2. Server Installation... 7 2.1 Pre-requisites... 7 2.2 Installations walk through... 7 3.

More information

Economic and Social Council

Economic and Social Council UNITED NATIONS E Economic and Social Council Distr. GENERAL ECE/TRANS/WP.30/AC.2/2008/2 21 November 2007 Original: ENGLISH ECONOMIC COMMISSION FOR EUROPE Administrative Committee for the TIR Convention,

More information

CRYPTOGRAPHY AS A SERVICE

CRYPTOGRAPHY AS A SERVICE CRYPTOGRAPHY AS A SERVICE Peter Robinson RSA, The Security Division of EMC Session ID: ADS R01 Session Classification: Advanced Introduction Deploying cryptographic keys to end points such as smart phones,

More information

VMware Horizon View for SMS PASSCODE SMS PASSCODE 2014

VMware Horizon View for SMS PASSCODE SMS PASSCODE 2014 VMware Horizon View for SMS PASSCODE SMS PASSCODE 2014 VMware View Radius authentication configuration for SMS PASSCODE With the introduction of RADIUS authentication support in VMware View it is possible

More information

HOTPin Integration Guide: Salesforce SSO with Active Directory Federated Services

HOTPin Integration Guide: Salesforce SSO with Active Directory Federated Services 1 HOTPin Integration Guide: Salesforce SSO with Active Directory Federated Services Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided

More information

Citrix Netscaler Advanced guide for SMS PASSCODE SMS PASSCODE 2014

Citrix Netscaler Advanced guide for SMS PASSCODE SMS PASSCODE 2014 Citrix Netscaler Advanced guide for SMS PASSCODE SMS PASSCODE 2014 Citrix Netscaler Advanced guide for SMS PASSCODE. This document outlines configuration scenarios with SMS PASSCODE and Citrix Netscaler.

More information

VIRTUAL PRIVATE NETWORKS (VPN) Niti gupta

VIRTUAL PRIVATE NETWORKS (VPN) Niti gupta VIRTUAL PRIVATE NETWORKS (VPN) Niti gupta Traditional Connectivity [From Gartner Consulting] What is VPN? Virtual Private Network is a type of private network that uses public telecommunication, such as

More information

STRONGER AUTHENTICATION for CA SiteMinder

STRONGER AUTHENTICATION for CA SiteMinder STRONGER AUTHENTICATION for CA SiteMinder Adding Stronger Authentication for CA SiteMinder Access Control 1 STRONGER AUTHENTICATION for CA SiteMinder Access Control CA SITEMINDER provides a comprehensive

More information

Digital Signatures on iqmis User Access Request Form

Digital Signatures on iqmis User Access Request Form Digital Signatures on iqmis User Access Request Form When a user clicks in the User Signature block on the iqmis Access Form, the following window appears: Click Save a Copy and rename it with your name,

More information

Facebook s Security Philosophy, and how Duo helps.

Facebook s Security Philosophy, and how Duo helps. Facebook s Security Philosophy, and how Duo helps. How Duo Factors in to Facebook s Information Security Philosophy The Challenge: Facebook manages personal data for 1.19 billion active users 1 across

More information

Internet Banking Two-Factor Authentication using Smartphones

Internet Banking Two-Factor Authentication using Smartphones Internet Banking Two-Factor Authentication using Smartphones Costin Andrei SOARE IT&C Security Master Department of Economic Informatics and Cybernetics Bucharest University of Economic Studies, Romania

More information

Technical Overview N2EX

Technical Overview N2EX 25.09.2014 Espen Døvle Technical Overview N2EX Nord Pool Spot AS Tel +47 6710 9100 Fax +47 6710 9101 PO Box 121, NO-1325 Lysaker, Norway Org nr. NO 984 058 098 MVA norway@npspot.com www.nordpoolspot.com

More information

HOTPin Integration Guide: Microsoft Office 365 with Active Directory Federated Services

HOTPin Integration Guide: Microsoft Office 365 with Active Directory Federated Services HOTPin Integration Guide: Microsoft Office 365 with Active Directory Federated Services Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided

More information

Stonesoft Corp. Stonegate Firewall and VPN

Stonesoft Corp. Stonegate Firewall and VPN Stonesoft Corp. Stonegate Firewall and VPN RSA SecurID Ready Implementation Guide Last Modified: February 2, 2011 Partner Information Product Information Partner Name Stonesoft Corp. Web Site www.stonesoft.com

More information

1. DNS Primary zone DNS. user name : train password : p@ssw0rd (Computer name) clientxx (xx ก ก ). 27 www.kroonis.org

1. DNS Primary zone DNS. user name : train password : p@ssw0rd (Computer name) clientxx (xx ก ก ). 27 www.kroonis.org 1 DNS 1. DNS Primary zone DNS ก Vmware Windows 7 ก (Clients) ก Image Windows 7 Network NAT user name : train password : p@ssw0rd (Computer name) clientxx (xx ก ก ) ก DNS clientxx Server 192.168.1.38 Server

More information

Securing Physician and Patient Portals for HIPAA Compliance

Securing Physician and Patient Portals for HIPAA Compliance Securing Physician and Patient Portals for HIPAA Compliance HIPAA Summit VIII Session 2.04 1:00 2:00 pm March 8 1 Agenda Identity and Access Management Technology and HIPAA Requirements Bob Tahmaseb, Principal

More information

How CA Arcot Solutions Protect Against Internet Threats

How CA Arcot Solutions Protect Against Internet Threats TECHNOLOGY BRIEF How CA Arcot Solutions Protect Against Internet Threats How CA Arcot Solutions Protect Against Internet Threats we can table of contents executive summary 3 SECTION 1: CA ArcotID Security

More information

External authentication with Astaro AG Astaro Security Gateway UTM appliances Authenticating Users Using SecurAccess Server by SecurEnvoy

External authentication with Astaro AG Astaro Security Gateway UTM appliances Authenticating Users Using SecurAccess Server by SecurEnvoy External authentication with Astaro AG Astaro Security Gateway UTM appliances Authenticating Users Using SecurAccess Server by SecurEnvoy Contact information SecurEnvoy www.securenvoy.com 0845 2600010

More information

Multi-Factor Authentication for first time users

Multi-Factor Authentication for first time users Multi-Factor Authentication for first time users **Multi-Factor Authentication will be required for all Duke University accounts on July 1 st, 2016.** What is Multi-Factor Authentication (MFA)?? Multi-factor

More information

Ultra-strong authentication to protect network access and assets

Ultra-strong authentication to protect network access and assets Ultra-strong authentication to protect network access and assets ESET Secure Authentication provides powerful authentication to make remote access to the company network and sensitive data safe, but hassle-free.

More information

USB etoken and USB Flash Features Support

USB etoken and USB Flash Features Support USB etoken and USB Flash Features Support USB etoken and USB Flash Features Support Cisco Integrated Services Routers provide secure, wire-speed delivery of concurrent data, voice, and video services (Figure

More information

Spreed Keeps Online Meetings Secure. Online meeting controls and security mechanism. www.spreed.com

Spreed Keeps Online Meetings Secure. Online meeting controls and security mechanism. www.spreed.com Spreed Keeps Online Meetings Secure Online meeting controls and security mechanism www.spreed.com Spreed Online Meeting is protected by the most advanced security features. Rest assured that your meetings

More information

RSA SecurID Software Token Security Best Practices Guide

RSA SecurID Software Token Security Best Practices Guide RSA SecurID Software Token Security Best Practices Guide Contact Information Go to the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com. Trademarks RSA, the RSA

More information

This document shows new Citrix users how to set up and log in to their Citrix account.

This document shows new Citrix users how to set up and log in to their Citrix account. Citrix Set up Set up and Log in to Citrix Objective: This document shows new Citrix users how to set up and log in to their Citrix account. Procedure This document shows you how to set up and log in to

More information

Configuring Moxa Nport SMS PASSCODE 2014

Configuring Moxa Nport SMS PASSCODE 2014 SMS PASSCODE 2014 This is a Tech Guide for engineering staff installing SMS PASSCODE with a Moxa Nport Ethernet to Serial connectivity converter enabling network-connected modems. Setting up Static IP

More information

Ultra-strong authentication to protect network access and assets

Ultra-strong authentication to protect network access and assets Ultra-strong authentication to protect network access and assets ESET Secure Authentication provides powerful authentication to make remote access to the company network and sensitive data safe, but hassle-free.

More information

ANZ TRANSACTIVE TECHNICAL SPECIFICATIONS GUIDE

ANZ TRANSACTIVE TECHNICAL SPECIFICATIONS GUIDE ANZ TRANSACTIVE TECHNICAL SPECIFICATIONS GUIDE 01.2016 CONTENTS 1. SUMMARY 3 2. SYSTEMS OVERVIEW 4 3. CLIENT TECHNICAL SPECIFICATION 5 3.1 Usage Considerations 5 3.2 Summary Specification 5 > > 3.2.1 Summary

More information

Computer Networking LAB 2 HTTP

Computer Networking LAB 2 HTTP Computer Networking LAB 2 HTTP 1 OBJECTIVES The basic GET/response interaction HTTP message formats Retrieving large HTML files Retrieving HTML files with embedded objects HTTP authentication and security

More information

Accessing Derbyshire County Council s Outlook Web Access (OWA) Service. Smart Phone App version

Accessing Derbyshire County Council s Outlook Web Access (OWA) Service. Smart Phone App version Accessing Derbyshire County Council s Outlook Web Access (OWA) Service Smart Phone App version Contents About this guide... 2 Before accessing Outlook Web Access... 3 Accessing Outlook Web Access (OWA)

More information

Experian Secure Transport Service

Experian Secure Transport Service Experian Secure Transport Service Secure Transport Overview In an effort to provide higher levels of data protection and standardize our file transfer processes, Experian will be utilizing the Secure Transport

More information

A SECURE COMMUNICATION IN SMART PHONES USING TWO FACTOR AUTHENTICATIONS

A SECURE COMMUNICATION IN SMART PHONES USING TWO FACTOR AUTHENTICATIONS A SECURE COMMUNICATION IN SMART PHONES USING TWO FACTOR AUTHENTICATIONS Soumya Murali 1, Anitha.B 2, Anitha Mary Paul 3 1, 2, 3 Assistant Professor, 1, 2 Sree Buddha College of Engineering, Pattoor, Alappuzha,

More information

SalesForce SSO with Active Directory Federated Services (ADFS) v2.0 Authenticating Users Using SecurAccess Server by SecurEnvoy

SalesForce SSO with Active Directory Federated Services (ADFS) v2.0 Authenticating Users Using SecurAccess Server by SecurEnvoy SalesForce SSO with Active Directory Federated Services (ADFS) v2.0 Authenticating Users Using SecurAccess Server by SecurEnvoy Contact information SecurEnvoy www.securenvoy.com 0845 2600010 Merlin House

More information

HOTPin Integration Guide: Google Apps with Active Directory Federated Services

HOTPin Integration Guide: Google Apps with Active Directory Federated Services HOTPin Integration Guide: Google Apps with Active Directory Federated Services Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as

More information

SafeWord Domain Login Agent Step-by-Step Guide

SafeWord Domain Login Agent Step-by-Step Guide SafeWord Domain Login Agent Step-by-Step Guide Author Johan Loos Date January 2009 Version 1.0 Contact johan@accessdenied.be Table of Contents Table of Contents... 2 Why SafeWord Agent for Windows Domains?...

More information

Network A. Network. Network C. Network B

Network A. Network. Network C. Network B Post-IP technologies virtualization and security Guy Pujolle 1 Virtualization for a post-ip network 2 Geni Intel would like to propose a generic router Intel proposes to have a generic hardware with virtual

More information

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN) MIS5206 Week 12 Your Name Date 1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)? a) User from within could send a file

More information

Why it s Time to Make the Change Analysis of Current Technologies for Multi-Factor Authentication in Active Directory

Why it s Time to Make the Change Analysis of Current Technologies for Multi-Factor Authentication in Active Directory GoldKey vs RSA Why it s Time to Make the Change Analysis of Current Technologies for Multi-Factor Authentication in Active Directory WideBand Corporation www.goldkey.com Analysis of Current Technologies

More information

TFS ApplicationControl White Paper

TFS ApplicationControl White Paper White Paper Transparent, Encrypted Access to Networked Applications TFS Technology www.tfstech.com Table of Contents Overview 3 User Friendliness Saves Time 3 Enhanced Security Saves Worry 3 Software Componenets

More information

PrivateServer HSM Integration with Microsoft IIS

PrivateServer HSM Integration with Microsoft IIS PrivateServer HSM Integration with Microsoft IIS January 2014 Document Version 1.1 Notice The information provided in this document is the sole property of Algorithmic Research Ltd. No part of this document

More information

Session #56. Two-Factor Authentication. Steven Burke & James McMahon U.S. Department of Education

Session #56. Two-Factor Authentication. Steven Burke & James McMahon U.S. Department of Education Session #56 Two-Factor Authentication Steven Burke & James McMahon U.S. Department of Education Project Overview To comply with the White House through the United States Office of Management and Budget

More information

แนวโน มของ Unified Communication Technology

แนวโน มของ Unified Communication Technology แนวโน มของ Unified Communication Technology สราว ธ ต นา The Communication Solution Company Limited Enterprise Communication Department 1of 53 2of 53 ว นพ ธท 19 ธ นวาคม 2550 ห องประช มก าพล อด ลว ทย เวลา

More information

Entrust Managed Services PKI. Configuring secure LDAP with Domain Controller digital certificates

Entrust Managed Services PKI. Configuring secure LDAP with Domain Controller digital certificates Entrust Managed Services Entrust Managed Services PKI Configuring secure LDAP with Domain Controller digital certificates Document issue: 1.0 Date of issue: October 2009 Copyright 2009 Entrust. All rights

More information

Release Notes. NCP Secure Client Juniper Edition. 1. New Features and Enhancements. 2. Problems Resolved

Release Notes. NCP Secure Client Juniper Edition. 1. New Features and Enhancements. 2. Problems Resolved NCP Secure Client Juniper Edition Service Release: 9.30 Build 102 Date: February 2012 1. New Features and Enhancements The following describe the new features introduced in this release: Visual Feedback

More information

Achieving Universal Secure Identity Verification with Convenience and Personal Privacy A PRIVARIS BUSINESS WHITE PAPER

Achieving Universal Secure Identity Verification with Convenience and Personal Privacy A PRIVARIS BUSINESS WHITE PAPER with Convenience and Personal Privacy version 0.2 Aug.18, 2007 WHITE PAPER CONTENT Introduction... 3 Identity verification and multi-factor authentication..... 4 Market adoption... 4 Making biometrics

More information

Entrust IdentityGuard Comprehensive

Entrust IdentityGuard Comprehensive Entrust IdentityGuard Comprehensive Entrust IdentityGuard Comprehensive is a five-day, hands-on overview of Entrust Course participants will gain experience planning, installing and configuring Entrust

More information

Standardizing PKI in Higher Education Apple PKI and Universal Hi-Ed Spec proposal

Standardizing PKI in Higher Education Apple PKI and Universal Hi-Ed Spec proposal Standardizing PKI in Higher Education Apple PKI and Universal Hi-Ed Spec proposal Shawn Geddis Security Consulting Engineer, Apple Enterprise geddis@apple.com 703-264-5103 1 Agenda A View of Apples PKI

More information

Secure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213

Secure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213 Secure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213 UNCLASSIFIED Example http ://www. greatstuf f. com Wants credit card number ^ Look at lock on browser Use https

More information

Release Notes. NCP Secure Entry Mac Client. 1. New Features and Enhancements. 2. Improvements / Problems Resolved. 3. Known Issues

Release Notes. NCP Secure Entry Mac Client. 1. New Features and Enhancements. 2. Improvements / Problems Resolved. 3. Known Issues NCP Secure Entry Mac Client Service Release 2.05 Build 14711 December 2013 Prerequisites Apple OS X Operating System: The following Apple OS X operating system versions are supported with this release:

More information

Authentication Levels. White Paper April 23, 2014

Authentication Levels. White Paper April 23, 2014 Summary White Paper April 23, 2014 This document describes levels of authentication that can be utilized for users known and unknown to gain access to applications and solutions. Summary... 1 Description...

More information

A Feasible and Cost Effective Two-Factor Authentication for Online Transactions

A Feasible and Cost Effective Two-Factor Authentication for Online Transactions A Feasible and Cost Effective Two-Factor Authentication for Online Transactions Jing-Chiou Liou Deaprtment of Computer Science Kean University 1000 Morris Ave. Union, NJ 07083, USA jliou@kean.edu Sujith

More information

RSA SecurID Two-factor Authentication

RSA SecurID Two-factor Authentication RSA SecurID Two-factor Authentication Today, we live in an era where data is the lifeblood of a company. Now, security risks are more pressing as attackers have broadened their targets beyond financial

More information

One Time Password Generation for Multifactor Authentication using Graphical Password

One Time Password Generation for Multifactor Authentication using Graphical Password One Time Password Generation for Multifactor Authentication using Graphical Password Nilesh B. Khankari 1, Prof. G.V. Kale 2 1,2 Department of Computer Engineering, Pune Institute of Computer Technology,

More information

RSA Authentication Agent 7.2 for Microsoft Windows Installation and Administration Guide

RSA Authentication Agent 7.2 for Microsoft Windows Installation and Administration Guide RSA Authentication Agent 7.2 for Microsoft Windows Installation and Administration Guide Contact Information Go to the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com

More information

Accellion Secure File Transfer Cryptographic Module Security Policy Document Version 1.0. Accellion, Inc.

Accellion Secure File Transfer Cryptographic Module Security Policy Document Version 1.0. Accellion, Inc. Accellion Secure File Transfer Cryptographic Module Security Policy Document Version 1.0 Accellion, Inc. December 24, 2009 Copyright Accellion, Inc. 2009. May be reproduced only in its original entirety

More information

Out-of-Band Multi-Factor Authentication Cloud Services Whitepaper

Out-of-Band Multi-Factor Authentication Cloud Services Whitepaper Out-of-Band Multi-Factor Authentication Cloud Services Whitepaper StrikeForce Technologies, Inc. 1090 King Georges Post Rd. Edison, NJ 08837, USA Tel: 732 661-9641 Fax: 732 661-9647 http://www.sftnj.com

More information

ipad or iphone with Junos Pulse and Juniper SSL VPN appliance Authenticating Users Using SecurAccess Server by SecurEnvoy

ipad or iphone with Junos Pulse and Juniper SSL VPN appliance Authenticating Users Using SecurAccess Server by SecurEnvoy ipad or iphone with Junos Pulse and Juniper SSL VPN appliance Authenticating Users Using SecurAccess Server by SecurEnvoy Contact information SecurEnvoy www.securenvoy.com 0845 2600010 1210 Parkview Arlington

More information

A brief on Two-Factor Authentication

A brief on Two-Factor Authentication Application Note A brief on Two-Factor Authentication Summary This document provides a technology brief on two-factor authentication and how it is used on Netgear SSL312, VPN Firewall, and other UTM products.

More information