Simplifying Security with Datakey Axis Single Sign-On. White Paper
|
|
- Morris Shields
- 8 years ago
- Views:
Transcription
1 Simplifying Security with Datakey Axis Single Sign-On White Paper
2 Copyright and trademark notice 2003 Datakey Inc. All rights reserved. Version 1.0 No part of this document may be reproduced or retransmitted in any form or by any means electronic, mechanical, or otherwise, including photocopying and recording for any purpose other than the purchaser s personal use without written permission of Datakey, Inc. Datakey is a registered trademark of Datakey, Inc. Datakey Axis and Rapid Deploy Technology are trademarks of Datakey, Inc. Microsoft is a registered trademark of Microsoft Corporation. Windows, Windows 2000, and Windows XP are registered trademarks of Microsoft Corporation.
3 Introduction Passwords aren't going away anytime soon. In a recent survey by Information Week magazine, over 90% of U.S. companies reported that passwords were their primary method of access control. This number has changed very little over the years despite the myriad of strong authentication access control products available on the market. Why do passwords continue to have such predominance in the industry, even with all the vulnerabilities, user frustrations, and management costs associated with them? Because passwords have become embedded in our social and corporate cultures moving away from password-based systems would require a major shift in both our social ideology and in our corporate infrastructures. This white paper takes a closer look at the password dilemma and at the access control alternatives that have been used in an attempt to replace passwords. It then introduces Datakey Axis, a new product by Datakey, Inc. Datakey Axis uses automated Single Sign-On (SSO) enabling technology (patent pending) and integrated smart card and USB token technology to provide the broadest application coverage while reducing the administrative burden, cost, and user pain associated with password-based access controls. All this is provided while enhancing security and increasing user productivity. Surveying the Access Control and Single Sign-On Landscape Passwords aren't free. As the number of applications that each user must access increases, the cost associated with managing these passwords and their impact on the user keeps rising. IT organizations are confronted with the following realities surrounding the use of passwords: The number of systems, Web sites, networks, applications, etc. requiring user name/password authentication is increasing. Users are confronted with a growing list of passwords to remember. Passwords are subject to sniffing, sharing, brute force attacks, dictionary attacks, theft, social engineering, personal information gathering, and just plain guessing. Strong password policies are difficult and costly to enforce. A strong password typically consists of a random set of characters, is at least 8 characters long, and is changed frequently. However, the more complex the password, the harder it becomes to remember. Users either end up writing down their passwords and saving them someplace for easy access (completely undermining security) or they forget them, requiring a call to the help desk to reset their password. Significant industry statistics indicate that 30% - 50% of a help desk's resources are consumed in managing and resetting passwords. End-user resistance to strong passwords remains a major obstacle. Unless this obstacle can be removed passwords will continue to be abused and will continue to pose a serious security vulnerability. Government regulations being imposed on certain organizations are requiring their respective IT organizations to impose better access control mechanisms. At a minimum these regulations will require the enforcement of stronger password policies. Some of these regulations are listed below. Gramm-Leach-Bliley Act, Title V: Requires financial institutions to have a written, comprehensive security policy to protect the security and confidentiality of a customer's non-public, personal information. Health Insurance Portability and Accountability Act of 1996 (HIPAA): Requires that health service providers ensure the security and privacy of healthcare information. Sarbanes-Oxley Act of 2002: Requires more stringent reporting requirements, mandating internal technology controls on financial reporting systems. In response to the need to address the realities associated with passwords, a variety of access control products have become available over the past several years that have displaced traditional passwords with other, stronger authentication mechanisms. Examples include dynamic (one-time use) passwords, digital certificates, biometrics, symbol manipulation, and cookies. One goal of these products, in addition to enhanced security, is the attainment of a single sign-on solution in which the user only has to authenticate him/herself once during a session. However, the acceptance of these single signon solutions has not been universal because they have not adequately dealt with a variety of objections. These objections are the primary reason that passwords retain their widespread use. Table 1 describes a variety of approaches that are employed by existing products and the objections that restrain their wide-spread deployment. Datakey Axis Single Sign-On White Paper 1
4 Table 1: Single sign-on approaches and objections Approach Password Synchronization Objections Limited SSO application coverage. Each application or server needs an agent installed on it. Single point of weakness. Use of the same password for all applications reduces security. Strong password must still be memorized. Limited to password-based security levels. Must still enter a password for each access request. Authentication Server Limited SSO coverage. Agents need to be installed on each application, host and server. Also, solutions are generally limited to network, VPN, and remote access authentication. Tokens, which are bulky and inconvenient to carry, are limited to providing a single security function. Need to configure separate server(s) and often separate user databases. Time consuming for the user to generate and enter a one-time password response. Complex management. Expensive recurring costs. Web Access Management Provides SSO coverage for Web enabled applications only. Requires Web server and/or application plug-ins to be installed. Need to configure separate server(s). Proximity (RFID) Card Single factor (weak) authentication. Expensive reader technology. Servers need to be installed and configured. Reliability issues exist when multiple card holders are in close proximity. Certificate-based Requires a PKI to be installed (complex and expensive). Private key protection is always a concern. Growing but still limited set of applications are PKI enabled. Traditional Client-based Approach Weak credential protection with software based security or memory smart cards and tokens. No central management control. The end-user controls password management. Scripting often required for expanded application coverage imposing time and expertise demands on IT resources. 2 DatakeyAxisSingleSign-OnWhitePaper
5 Simplifying Security and Single Sign-On Single sign-on solutions do not have to be complex, limited in their application coverage, or a burden on the end user. The single sign-on solution that IT is looking for and which removes the objections to existing products is here today. It is Datakey Axis, which provides IT with: Comprehensive SSO application coverage. Centralized management of application access and password policy. Simple and fast set-up and deployment not requiringanitproject. Acceptance by the user community, removing the burden from the user to remember or manage multiple passwords. Enhanced security with two-factor authentication and automated enforcement of strong password policies. Immediate cost savings that will allow deployment within existing budgets. Datakey has made this simplified security and single sign-on solution possible with the integration of two key technologies: Datakey s smart card technology and Datakey's Rapid Deploy Technology. Each of these technologies is discussed in detail in the following sections. Smart Card Technology Smart card technology is now a mature technology that has opened up tremendous new opportunities for enhancing and simplifying security solutions. Because of their familiar and acceptable form factor (either a credit card-sized card or a USB token), their processing power and storage capacity, and their certified mechanisms for securing digital credentials and other data, smart cards are becoming a preferred approach for securing access to on-line services and applications. Microsoft has validated this belief with their greatly expanded smart card support in Windows 2000, Windows XP, and the Windows Server 2003 product suites. A smart card (and its USB token equivalent) is a hardware device that is used to store private information. The information stored on the smart card cannot be accessed unless the owner of the card logs on to the card with a pass phrase or PIN, much the same way a person enters a PIN to use an ATM card. Smart cards enable what is known as "two-factor" security: something that you have (the smart card) and something that you know (the passphrase). Two-factor security controls access to the card's cryptographic functions and private information. Typically, smart cards have only been deployed as vehicles to provide secure storage for private keys and certificates in PKI and VPN environments. Cryptographic smart cards have been the perfect complement to VPN solutions for enterprises that needed secure remote access to enterprise networks. However, multi-function smart cards, such as those provided by Datakey, have many additional capabilities that enable stronger, yet simpler, security solutions while providing organizations with increased value-add and benefits. Some of these benefits include: Security: Independently certified protection (FIPS Level 2) for your private information. Portability: Your digital credentials and private information go wherever you go. Flexibility: A smart card can be used to store a variety of information and be used for a variety of security functions such as cryptographic functions, credential storage, physical access control and logical access control. Simplicity: Your many passwords can be stored securely on a single smart card. In addition, you are less likely to lose a smart card than forget a password. Ease of use: Simple insertion of a smart card into a reader and the entry of a passphrase unlocks a variety of automated security functions when used in conjunction with Datakey Axis. Upgradeability: Smart cards are easily upgraded to support biometrics, PKI and other security functions without needing to replace existing user cards. Datakey s Rapid Deploy Technology Datakey's Rapid Deploy Technology features an intuitive drag and drop "training" mechanism (patent pending) for collecting the intelligence needed for recognizing the application login or change password dialogs. It forwards that intelligence into an "information store" for use by the user client software. This "training" process incorporates technology and processes that are unique in the industry and that has the ability to address the various types of GUI technologies employed by applications without being dependent upon costly and time-consuming scripting. This provides the administrator with the ability to rapidly set-up single sign-on coverage for all applications. Datakey Axis Single Sign-On White Paper 3
6 Datakey's Rapid Deploy Technology also integrates additional technologies to address IT s need for simplicity, cost reduction, and user transparency. These additional technologies include: A client-based architecture that does not require any applications or hosts to be "touched" by agents or plug-ins, or for new server components to be installed and maintained. The leveraging of the Microsoft Installer (MSI) installation standard for easy and automated deployment and automated updates of policy client software. The centralized management of application access privileges and of credential and software update maintenance. Datakey Axis is the first product to tap into the full potential of smart card technology and redefine the way smart cards are used, enhancing the strength of security solutions and bringing simplicity to all involved (administrators and end users). The Datakey Axis Solution General capabilities Datakey Axis is a smart card-based solution that simplifies access control. Organizations that are not in a position to displace their current password-based security infrastructure, but who need relief from the cost of managing these passwords, can get that relief while at the same time enhancing security with automatic enforcement of stronger password policies. Additionally, with Datakey Axis, you can take advantage of a variety of additional uses for smart cards within your organization, both in PKI and non-pki environments. An organization may wish to enhance their password-based access control within their current non-pki environment, but leave open the possibility for migrating to a PKI-based access control solution or a biometrics solution in the future. Datakey Axis allows this migration to occur with ease. It also enables an organization to use the same smart card for employee badging and/or facility access control purposes. Single Sign-On capabilities Datakey Axis provides one of the simplest, and broadest application coverage, single sign-on solutions available on the market. It allows a user to log on to their smart card and then never have to worry about entering another user name and password. The user names and passwords are all stored securely on the user's smart card and automatically retrieved as needed when the user requires access to a service or application. The Datakey Axis client software has the intelligence to recognize the login dialog box for each application. It automatically retrieves the necessary login information from the smart card, enters the information into the proper fields, and then submits the login response on behalf of the user. If a change password dialog appears, this too is automatically recognized by Datakey Axis. A random, strong password is generated and stored as the new password on the user's smart card. The user no longer needs to remember (or even know) their passwords, since they are managed automatically without user involvement. With Datakey Axis, users are given an access control solution that enables them to be a security advocate. The user no longer needs to write down passwords, put sticky notes on the PC monitor, or pack their wallets with critical organization security codes. The only item in their wallets or on their desks is a secure, tamper proof smart card. How Datakey Axis Works Datakey Axis is a client-based product that an administrator can configure and install from his/her workstation. A powerful Datakey Axis Management Center allows the administrator to easily integrate with Microsoft Active Directory for user/group definitions and to bind them to the applications they are allowed to access. The Microsoft Certificate Authority is also automatically engaged if digital certificates are needed. Support for additional Directories and Certificate Authorities is planned in the near future. The Datakey Axis Policy Client software that is installed on the user's workstation is pre-configured by the administrator with the permitted functionality plus application access privileges. The Datakey Axis Management Center includes patent-pending "training" technology that enables the administrator to use a simple drag-and-drop process to interrogate the login and change password screens for each application and insert the captured intelligence into the user's Policy Client software. This enables the client software to automatically recognize the login and change password screens for each application, retrieve the appropriate user credentials from the smart card, insert them into the appropriate fields and submit the response back to the application. Once the user's Policy Client software is pre-configured it is then automatically distributed for installation on the user's workstation via Microsoft GPO, SMS, or some other 3rd party MSI-compliant dis- 4 DatakeyAxisSingleSign-OnWhitePaper
7 tribution tool. The end-user is left with a simple initial enrollment process that captures their existing application login information. All subsequent access control needs are automatically provided for via the smart card and Datakey Axis. is able to remove the objections encountered with other SSO products. Table 2 summarizes the many features and benefits of Datakey Axis. Because the Datakey Axis architecture and design is built upon proven smart card technology, Datakey Axis Table 2: Datakey Axis Features and Benefits Datakey Axis Features Comprehensive single sign-on coverage. Virtually all Windows, Java, custom, mid-size/mainframe applications as well as internet and intranet sites. Win32, Java and HTML GUIs Citrix/Terminal Server Terminal emulators Rapid Deploy Technology that provides: Patent pending drag & drop administrator control (and optional user control) of client software training for automated applications login. Client based architecture that works out of the box. Windows installation standards (MSI) compliant automated deployment. Centralized management with administrator control over application access. Integrated smart card technology that provides: Certified (FIPS Level 2) secure containers for user credentials and data. Multi-function flexibility Non-PKI and PKI environments Easy integration with physical access security systems Datakey Axis Benefits Reduced administration costs - a single product supports SSO to all applications. Increased security with the ability to enforce a consistent and strong password policy across all applications. Increased user productivity by reducing the number of passwords a user needs to remember to one (no longer a need to write them down). Drastic reduction to the Help Desk resource burden for resetting passwords. Simplified deployment (does not require an "IT Project"). Also, provides an ROI in 6-12 months. Reduced cost of deployment and maintenance - no additional servers or agents/plug-ins to install and is non-intrusive to existing infrastructure. Centralized management control of password policy enforcement and application access Increased user productivity with transparent automated updates of client software and user credentials. Reduced deployment costs with highly automated set-up and installation Security solution flexibility and portability. Easy migration paths from passwords to stronger access control solutions such as PKI and biometrics. Enables use of a single ID badge for building and computer access. (Cont d) Datakey Axis Single Sign-On White Paper 5
8 Table 2: Datakey Axis Features and Benefits Conclusion Datakey Axis Features Automated credential management that provides: Automated password changes Automated updates of user credentials and client software. Automated and transparent PKI certificate issuance SSO support for multiple authentication mechanisms: User name and Password PKI Digital Certificates One-time passwords Biometrics Standards-based implementation: ISO 7816 GSC-IS V2.1 PKCS #11 V2.0 Microsoft CAPI V2.0 Microsoft MSI PC/SC Previous access control products have not adequately addressed the needs of IT organizations for a single sign-on solution that is simple and fast to deploy, enhances security, removes user resistance and is able to integrate with existing access control infrastructures. Passwords will continue to be the primary means of access control, despite all their deficiencies, because they are so deeply entrenched into the infrastructure and culture. Therefore, rather than attempt to replace them, access control products must embrace them and remove the deficiencies surrounding them. Datakey Axis Benefits Drastically reduced administrative costs to manage and enforce password changes. Reduced security vulnerabilities with automated strong password changes. No impact on your users resulting in increased user productivity Preserves investment in tokens and software as organizations add new applications and authentication mechanisms No user impact to migrate to PKI enable applications Ease of integration and interoperability with other infrastructure components Datakey Axis has been designed just for this purpose. Its client-based approach leverages the strengths of smart card technology to enhance security while removing the user burden of having to remember numerous and complex passwords. Datakey Axis is easy and fast to deploy, doesn't impact server software management, and provides the administrator with centralized control of access to applications and the enforcement of strong password policies. The mixture of technologies integrated by Datakey Axis makes it the ideal single sign-on solution for most organizations. Datakey Corporate Headquarters 407 West Travelers Trail Minneapolis, MN Phone: (952) Toll-free: Fax: (952) Web: info@datakey.com 6 DatakeyAxisSingleSign-OnWhitePaper
Multi-Factor Authentication Protecting Applications and Critical Data against Unauthorized Access
Multi-Factor Authentication Protecting Applications and Critical Data against Unauthorized Access CONTENTS What is Authentication? Implementing Multi-Factor Authentication Token and Smart Card Technologies
More informationChoosing an SSO Solution Ten Smart Questions
Choosing an SSO Solution Ten Smart Questions Looking for the best SSO solution? Asking these ten questions first can give your users the simple, secure access they need, save time and money, and improve
More informationWHITE PAPER. Smart Card Authentication for J2EE Applications Using Vintela SSO for Java (VSJ)
WHITE PAPER Smart Card Authentication for J2EE Applications Using Vintela SSO for Java (VSJ) SEPTEMBER 2004 Overview Password-based authentication is weak and smart cards offer a way to address this weakness,
More informationOracle Enterprise Single Sign-on Technical Guide An Oracle White Paper June 2009
Oracle Enterprise Single Sign-on Technical Guide An Oracle White Paper June 2009 EXECUTIVE OVERVIEW Enterprises these days generally have Microsoft Windows desktop users accessing diverse enterprise applications
More informationStrong Authentication for Secure VPN Access
Strong Authentication for Secure VPN Access Solving the Challenge of Simple and Secure Remote Access W H I T E P A P E R EXECUTIVE SUMMARY In today s competitive and efficiency-driven climate, organizations
More informationand the software then detects and automates all password-related events for the employee, including:
Reduce costs, simplify access and audit access to applications with single sign-on IBM Single Sign-On Highlights Reduce password-related helpdesk Facilitate compliance with pri- costs by lowering the vacy
More informationVPN Solutions FAQ www.aladdin.com/contact North America International Germany Benelux France Spain Israel Asia Pacific Japan
A l a d d i n. c o m / e T o k e n VPN Solutions FAQ VPN authentication is a critical link in the chain of trust for remote access to your organization. Compromising that trust can expose your private
More informationTake the cost, complexity and frustration out of two-factor authentication
Take the cost, complexity and frustration out of two-factor authentication Combine physical and logical access control on a single card to address the challenges of strong authentication in network security
More informationSingle Sign-On. Security and comfort can be friend. Arnd Langguth. alangguth@novell.com. September, 2006
Single Sign-On Security and comfort can be friend. Arnd Langguth alangguth@novell.com September, 2006 Identity proliferation in the enterprise Password management problem How many passwords do you have?
More informationEnhancing Web Application Security
Enhancing Web Application Security Using Another Authentication Factor Karen Lu and Asad Ali Gemalto, Inc. Technology & Innovations Austin, TX, USA Overview Introduction Current Statet Smart Cards Two-Factor
More informationAuthentication: Password Madness
Authentication: Password Madness MSIT 458: Information Security Group Presentation The Locals Password Resets United Airlines = 83,000 employees Over 13,000 password reset requests each month through the
More informationThe Encryption Anywhere Data Protection Platform
The Encryption Anywhere Data Protection Platform A Technical White Paper 5 December 2005 475 Brannan Street, Suite 400, San Francisco CA 94107-5421 800-440-0419 415-683-2200 Fax 415-683-2349 For more information,
More informationStrong Authentication. Securing Identities and Enabling Business
Strong Authentication Securing Identities and Enabling Business Contents Contents...2 Abstract...3 Passwords Are Not Enough!...3 It s All About Strong Authentication...4 Strong Authentication Solutions
More informationPasslogix Sign-On Platform
Passlogix Sign-On Platform The emerging ESSO standard deployed by leading enterprises Extends identity management to the application and authentication device level No modifications to existing infrastructure
More informationCitrix Password Manager 4.1
F E A T U R E S O V E R V I E W Password Manager 4.1 The access platform provides on-demand access to information, and Password Manager makes that information available with a single logon. Password Manager
More informationLots of workers, many applications, multiple locations......and you need one smart way to handle access for all of them.
Lots of workers, many applications, multiple locations......and you need one smart way to handle access for all of them. imprivata OneSign The Converged Authentication and Access Management Platform The
More informationThe Convergence of IT Security and Physical Access Control
The Convergence of IT Security and Physical Access Control Using a Single Credential to Secure Access to IT and Physical Resources Executive Summary Organizations are increasingly adopting a model in which
More informationetoken Single Sign-On 3.0
etoken Single Sign-On 3.0 Frequently Asked Questions Table of Contents 1. Why aren t passwords good enough?...2 2. What are the benefits of single sign-on (SSO) solutions?...2 3. Why is it important to
More informationSuccessful Enterprise Single Sign-on Addressing Deployment Challenges
Successful Enterprise Single Sign-on Addressing Deployment Challenges 2015 Hitachi ID Systems, Inc. All rights reserved. Contents 1 Introduction 1 2 Background: User Problems with Passwords 2 3 Approaches
More informationAchieving Universal Secure Identity Verification with Convenience and Personal Privacy A PRIVARIS BUSINESS WHITE PAPER
with Convenience and Personal Privacy version 0.2 Aug.18, 2007 WHITE PAPER CONTENT Introduction... 3 Identity verification and multi-factor authentication..... 4 Market adoption... 4 Making biometrics
More informationCitrix MetaFrame Password Manager 2.5
F E A T U R E S O V E R V I E W Citrix MetaFrame Password Manager 2.5 Citrix access infrastructure provides on-demand access to information, and Citrix MetaFrame Password Manager makes that information
More informationContents. Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008
Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008 Contents Authentication and Identity Assurance The Identity Assurance continuum Plain Password Authentication
More informationAn Oracle White Paper December 2010. Implementing Enterprise Single Sign-On in an Identity Management System
An Oracle White Paper December 2010 Implementing Enterprise Single Sign-On in an Identity Management System Introduction Most users need a unique password for every enterprise application, causing an exponential
More informationThe Convergence of IT Security and Physical Access Control
The Convergence of IT Security and Physical Access Control Using a Single Credential to Secure Access to IT and Physical Resources Executive Summary Organizations are increasingly adopting a model in which
More informationWhite paper December 2008. IBM Tivoli Access Manager for Enterprise Single Sign-On: An overview
White paper December 2008 IBM Tivoli Access Manager for Enterprise Single Sign-On: An overview Page 2 Contents 2 Executive summary 2 The enterprise access challenge 3 Seamless access to applications 4
More informationExecutive Summary P 1. ActivIdentity
WHITE PAPER WP Converging Access of IT and Building Resources P 1 Executive Summary To get business done, users must have quick, simple access to the resources they need, when they need them, whether they
More informationCybersecurity and Secure Authentication with SAP Single Sign-On
Solution in Detail SAP NetWeaver SAP Single Sign-On Cybersecurity and Secure Authentication with SAP Single Sign-On Table of Contents 3 Quick Facts 4 Remember One Password Only 6 Log In Once to Handle
More informationEndpoint Virtualization for Healthcare Providers
WHITE PAPER: xxxxxx BEST PRACTICES [00-Cover_Bar] FOR HEALTHCARE Endpoint Virtualization for Healthcare Providers Confidence in a connected world. White Paper: Best Practices for Healthcare Endpoint Virtualization
More informationSecurity under your Control
Security under your Control www.scm-concerto.com ConCERTO combines physical & logical access and more... Do you want to Improve your access security Simplify IT administration for logical and physical
More informationAdvanced Authentication Methods Determining the Best Fit for Your Agency. Strong Authentication. Simplified.
Advanced Authentication Methods Determining the Best Fit for Your Agency Strong Authentication. Simplified. Agenda About 2FA CJIS Security Policy 5.1 Advanced Authentication Encryption, Secure Connectivity
More informationStrong Authentication: Enabling Efficiency and Maximizing Security in Your Microsoft Environment
Strong Authentication: Enabling Efficiency and Maximizing Security in Your Microsoft Environment IIIIII Best Practices www.gemalto.com IIIIII Table of Contents Strong Authentication and Cybercrime... 1
More informationA brief on Two-Factor Authentication
Application Note A brief on Two-Factor Authentication Summary This document provides a technology brief on two-factor authentication and how it is used on Netgear SSL312, VPN Firewall, and other UTM products.
More informationWhite Paper 2 Factor + 2 Way Authentication to Criminal Justice Information Services. Table of Contents. 1. Two Factor and CJIS
White Paper 2 Factor + 2 Way Authentication to Criminal Justice Information Services Over the past decade, the demands on government agencies to share information across the federal, state and local levels
More informationAlready working or still authenticating again, again, and again? Smart Enterprise Single Sign-On
Already working or still authenticating again, again, and again? Copyright Copyright SECUDE AG 2009. SECUDE is a registered trademark of SECUDE AG. Microsoft is a registered trademark of the Microsoft
More informationWHITE PAPER Identity Management in a Virtual World INTRODUCTION. Sponsored by: Aladdin Knowledge Systems. Charles J.
WHITE PAPER Identity Management in a Virtual World Sponsored by: Aladdin Knowledge Systems Charles J. Kolodgy June 2003 INTRODUCTION Today s enterprises need new methods of developing trust in a virtual
More informationIdentity Management and Single Sign-On
Delivering Oracle Success Identity Management and Single Sign-On Al Lopez RMOUG Training Days February 2012 About DBAK Oracle Solution Provider and License Reseller Core Technology and EBS Applications
More informationAbout the white paper: The pressure to demonstrate compliance with standards and regulations such as Sarbanes Oxley, HIPAA, PCI DSS and Basel II,
TWO FACTOR AUTHENTICATION FOR THE IBM SYSTEM i WHITE PAPER MAY 2010 About the white paper: The pressure to demonstrate compliance with standards and regulations such as Sarbanes Oxley, HIPAA, PCI DSS and
More informationADDING STRONGER AUTHENTICATION for VPN Access Control
ADDING STRONGER AUTHENTICATION for VPN Access Control Adding Stronger Authentication for VPN Access Control 1 ADDING STRONGER AUTHENTICATION for VPN Access Control A VIRTUAL PRIVATE NETWORK (VPN) allows
More informationIntegrating Hitachi ID Suite with WebSSO Systems
Integrating Hitachi ID Suite with WebSSO Systems 2015 Hitachi ID Systems, Inc. All rights reserved. Web single sign-on (WebSSO) systems are a widely deployed technology for managing user authentication
More informationThe Benefits of an Industry Standard Platform for Enterprise Sign-On
white paper The Benefits of an Industry Standard Platform for Enterprise Sign-On The need for scalable solutions to the growing concerns about enterprise security and regulatory compliance can be addressed
More informationMoving to Multi-factor Authentication. Kevin Unthank
Moving to Multi-factor Authentication Kevin Unthank What is Authentication 3 steps of Access Control Identification: The entity makes claim to a particular Identity Authentication: The entity proves that
More informationCard Management System Integration Made Easy: Tools for Enrollment and Management of Certificates. September 2006
Card Management System Integration Made Easy: Tools for Enrollment and Management of Certificates September 2006 Copyright 2006 Entrust. All rights reserved. www.entrust.com Entrust is a registered trademark
More informationThe Role of Password Management in Achieving Compliance
White Paper The Role of Password Management in Achieving Compliance PortalGuard PO Box 1226 Amherst, NH 03031 USA Phone: 603.547.1200 Fax: 617.674.2727 E-mail: sales@portalguard.com Website: www.portalguard.com
More informationRSA Solution Brief. RSA SecurID Authentication in Action: Securing Privileged User Access. RSA Solution Brief
RSA SecurID Authentication in Action: Securing Privileged User Access RSA SecurID solutions not only protect enterprises against access by outsiders, but also secure resources from internal threats The
More informationConCERTO Secure Solutions for Converged Systems
ConCERTO Secure Solutions for Converged Systems Distribution for Switzerland: insinova ag www.insinova.ch Jens Albrecht Email: jens.albrecht@insinova.ch Phone: +41 41 748 72 05 September 2011 SCM Microsystems
More informationIBM Tivoli Access Manager for Enterprise Single Sign-On
Deliver seamless access to applications with an easy-to-deploy solution IBM Single Sign-On Highlights Help simplify the employee experience by eliminating the need to remember and manage user names and
More informationCitrix Password Manager 4.5 Partner and Sales FAQ
Citrix Password Manager 4.5 Partner and Sales FAQ I. Messaging and Positioning... 2 What is Password Manager?... 2 What is Citrix announcing with the availability of Password Manager 4.5?... 3 Why is Password
More informationAn Oracle White Paper December 2010. Leveraging Oracle Enterprise Single Sign-On Suite Plus to Achieve HIPAA Compliance
An Oracle White Paper December 2010 Leveraging Oracle Enterprise Single Sign-On Suite Plus to Achieve HIPAA Compliance Executive Overview... 1 Health Information Portability and Accountability Act Security
More informationThe Need for ESSO W h i T E pa p E r
The Need for ESSO W h i t e pa p e r The Missing Link in Password Management Every information security executive is familiar with the problems of password fatigue, password inflation, and the associated
More informationDeploying Smart Cards in Your Enterprise
www.css-security.com 425.216.0720 WHITE PAPER The merging of physical access technology with public key-enabled smart card technology has been an emerging trend that has occurred in the security industry
More informationInnovative Secure Boot System (SBS) with a smartcard.
Managed Security Services Desktop Security Services Secure Notebook Desktop Security Services. Secure Notebook. Today s business environment demands mobility, and the notebook computer has become an indispensable
More informationEnterprise SSO Manager (E-SSO-M)
Enterprise SSO Manager (E-SSO-M) Many resources, such as internet applications, internal network applications and Operating Systems, require the end user to log in several times before they are empowered
More informationGuide to Evaluating Multi-Factor Authentication Solutions
Guide to Evaluating Multi-Factor Authentication Solutions PhoneFactor, Inc. 7301 West 129th Street Overland Park, KS 66213 1-877-No-Token / 1-877-668-6536 www.phonefactor.com Guide to Evaluating Multi-Factor
More informationwww.eset.com Proven. Trusted.
www.eset.com Proven. Trusted. Ultra-strong authentication to protect network access and assets ESET Secure Authentication provides powerful authentication to make remote access to the company network and
More informationThe City of New York
The Policy All passwords and personal identification numbers (PINs) used to protect City of New York systems shall be appropriately configured, periodically changed, and issued for individual use. Scope
More informationEntrust Secure Web Portal Solution. Livio Merlo Security Consultant September 25th, 2003
Entrust Secure Web Portal Solution Livio Merlo Security Consultant September 25th, 2003 1 Entrust Secure Web Portal Solution Only the Entrust Secure Web Portal solution provides Security Services coupled
More informationVMware AlwaysOn Point of Care Desktop. with Indigo Identityware software for Fast Access & Strong Authentication with Roaming Desktops
VMware AlwaysOn Point of Care Desktop with Indigo Identityware software for with Roaming Desktops Indigo Identityware provides clinical users fast and secure access to their VMware desktop through a fluid,
More informationIntroducing etoken. What is etoken?
Introducing etoken Nirit Bear September 2002 What is etoken? Small & portable reader-less Smartcard Standard USB connectivity Logical and physical protection Tamper evident (vs. tamper proof) Water resistant
More informationSAP Single Sign-On 2.0 Overview Presentation
SAP Single Sign-On 2.0 Overview Presentation March 2016 Public Agenda SAP security portfolio Overview SAP Single Sign-On Single sign-on main scenarios Capabilities Summary 2016 SAP SE or an SAP affiliate
More informationUltra-strong authentication to protect network access and assets
proven. trusted. Ultra-strong authentication to protect network access and assets ESET Secure Authentication provides powerful authentication to make remote access to the company network and sensitive
More informationTwo-Factor Authentication
Two-Factor Authentication A Total Cost of Ownership Viewpoint CONTENTS + Two-Factor Authentication 3 A Total Cost of Ownership Viewpoint + Introduction 3 + Defining Total Cost of Ownership 3 + VeriSign
More information2 factor + 2. Authentication. way
2 factor + 2 way Authentication Deepnet DualShield is an open, unified authentication platform that enables multi-factor strong authentication across diverse applications, users and security tokens. 5
More informationWhitepaper MODERN THREATS DRIVE DEMAND FOR NEW GENERATION TWO-FACTOR AUTHENTICATION
Whitepaper MODERN THREATS DRIVE DEMAND FOR NEW GENERATION TWO-FACTOR AUTHENTICATION A RECENT SURVEY SHOWS THAT 90% OF ALL COMPANIES HAD BEEN BREACHED IN THE LAST 12 MONTHS. THIS PARED WITH THE FACT THAT
More informationConvenience and security
Convenience and security ControlSphere is a computer security and automation solution designed to protect user data and automate most of authentication tasks for the user at work and home environments.
More informationEnterprise Single Sign-On City Hospital Cures Password Pain. Stephen Furstenau Operations and Support Director Imprivata, Inc. www.imprivata.
Enterprise Single Sign-On City Hospital Cures Password Pain Stephen Furstenau Operations and Support Director Imprivata, Inc. www.imprivata.com Application Security Most organizations could completely
More informationSmart Card Two Factor Authentication
January 2013 Page 1 Smart Card Two Factor Authentication The combination of a smart card and PIN provides Two-Factor Authentication, where two items are needed: something physical the user has (a smart
More informationSmart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi
Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Purpose This paper is intended to describe the benefits of smart card implementation and it combination with Public
More informationSecure Authentication Managed Service Portfolio
Secure Authentication Managed Service Portfolio Combating Corporate Identity Theft Signify Managed Authentication Services Signify offers a complete range of Secure Authentication and Identity Management
More informationWhite Paper for Software Publishers. Strong Authentication: Securing Identities and Enabling Business
White Paper for Software Publishers Strong Authentication: Securing Identities and Enabling Business A l a d d i n. c o m / H A S P Table of Contents Abstract...3 Introduction...4 Passwords Are Not Enough!...4
More informationDirX Identity V8.5. Secure and flexible Password Management. Technical Data Sheet
Technical Data Sheet DirX Identity V8.5 Secure and flexible Password Management DirX Identity provides a comprehensive password management solution for enterprises and organizations. It delivers self-service
More informationReaching the Tipping Point for Two-Factor Authentication
Reaching the Tipping Point for Two-Factor Authentication Written by Don Jones Quest Software, Inc. White Paper 2009 Quest Software, Inc. ALL RIGHTS RESERVED. This document contains proprietary information,
More informationIntroduction to SAML
Introduction to THE LEADER IN API AND CLOUD GATEWAY TECHNOLOGY Introduction to Introduction In today s world of rapidly expanding and growing software development; organizations, enterprises and governments
More informationAn Oracle White Paper December 2010. Integrating Oracle Enterprise Single Sign-On Suite Plus with Strong Authentication
An Oracle White Paper December 2010 Integrating Oracle Enterprise Single Sign-On Suite Plus with Strong Authentication Introduction Protecting data in the digital age is critical. A security breach, if
More informationUsing Entrust certificates with VPN
Entrust Managed Services PKI Using Entrust certificates with VPN Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust is a trademark or a registered trademark
More informationRSA SecurID Two-factor Authentication
RSA SecurID Two-factor Authentication Today, we live in an era where data is the lifeblood of a company. Now, security risks are more pressing as attackers have broadened their targets beyond financial
More informationEnhancing Password Management by Adding Security, Flexibility, and Agility IBM Redbooks Solution Guide
Enhancing Password Management by Adding Security, Flexibility, and Agility IBM Redbooks Solution Guide The number of logins and passwords that employees must manage on a daily basis continues to be a source
More informationSmart Card Deployment in the Data Center: Best Practices for Integrating Smart Card Authentication in a Secure KVM Environment
Smart Card Deployment in the Data Center: Best Practices for Integrating Smart Card Authentication in a Secure KVM Environment 2009, Raritan Inc. Executive Summary While many organizations have employed
More informationAn Overview of Samsung KNOX Active Directory and Group Policy Features
C E N T R I F Y W H I T E P A P E R. N O V E M B E R 2013 An Overview of Samsung KNOX Active Directory and Group Policy Features Abstract Samsung KNOX is a set of business-focused enhancements to the Android
More informationSmart Cards, Biometrics and Tokens for VLANs and Subnet Access
Smart Cards, Biometrics and Tokens for VLANs and Subnet Access Jeff Hayes Director, Security Programs Alcatel e-business Networking Division Agenda LAN Access Issues and Requirements
More informationProvide access control with innovative solutions from IBM.
Security solutions To support your IT objectives Provide access control with innovative solutions from IBM. Highlights Help protect assets and information from unauthorized access and improve business
More informationGlobal Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com
VENDOR PROFILE Passlogix and Enterprise Secure Single Sign-On: A Success Story Sally Hudson IDC OPINION Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com
More informationVeriSign PKI Client Government Edition v 1.5. VeriSign PKI Client Government. VeriSign PKI Client VeriSign, Inc. Government.
END USER S GUIDE VeriSign PKI Client Government Edition v 1.5 End User s Guide VeriSign PKI Client Government Version 1.5 Administrator s Guide VeriSign PKI Client VeriSign, Inc. Government Copyright 2010
More informationIBM Security Access Manager for Enterprise Single Sign-On
IBM Security Access Manager for Enterprise Single Sign-On Simplify password management, strengthen access security and demonstrate compliance Highlights Achieve faster time to value and higher ROI with
More informationTFS ApplicationControl White Paper
White Paper Transparent, Encrypted Access to Networked Applications TFS Technology www.tfstech.com Table of Contents Overview 3 User Friendliness Saves Time 3 Enhanced Security Saves Worry 3 Software Componenets
More informationDirX Identity V8.4. Secure and flexible Password Management. Technical Data Sheet
Technical Data Sheet DirX Identity V8.4 Secure and flexible Password Management DirX Identity provides a comprehensive password management solution for enterprises and organizations. It delivers self-service
More informationThe Business Case for Healthcare Access Solution
The Business Case for Healthcare Access Solution As clinicians go about their day, their IT needs to keep pace. By dramatically reducing the number of necessary credentials, enabling hassle-free swipe
More informationIntroduction to Computer Security
Introduction to Computer Security Identification and Authentication Pavel Laskov Wilhelm Schickard Institute for Computer Science Resource access: a big picture 1. Identification Which object O requests
More informationCHOOSING THE RIGHT PORTABLE SECURITY DEVICE. A guideline to help your organization chose the Best Secure USB device
CHOOSING THE RIGHT PORTABLE SECURITY DEVICE A guideline to help your organization chose the Best Secure USB device Introduction USB devices are widely used and convenient because of their small size, huge
More informationAuthentication Solutions VERSATILE AND INNOVATIVE AUTHENTICATION SOLUTIONS TO SECURE AND ENABLE YOUR BUSINESS
Authentication Solutions VERSATILE AND INNOVATIVE AUTHENTICATION SOLUTIONS TO SECURE AND ENABLE YOUR BUSINESS SafeNet Strong Authentication and Transaction Verification Solutions The Upward Spiral of Cybercrime
More informationActive Directory and DirectControl
WHITE PAPER CENTRIFY CORP. Active Directory and DirectControl APRIL 2005 The Right Choice for Enterprise Identity Management and Infrastructure Consolidation ABSTRACT Microsoft s Active Directory is now
More informationThe 4 forces that generate authentication revenue for the channel
The 4 forces that generate authentication revenue for the channel Web access and the increasing availability of high speed broadband has expanded the potential market and reach for many organisations and
More informationMODERN THREATS DRIVE DEMAND FOR NEW GENERATION MULTI-FACTOR AUTHENTICATION
Whitepaper MODERN THREATS DRIVE DEMAND FOR NEW GENERATION MULTI-FACTOR AUTHENTICATION A SURVEY SHOWS THAT 90% OF ALL COMPANIES HAD BEEN BREACHED IN THE LAST 12 MONTHS. THIS PAIRED WITH THE FACT THAT THREATS
More informationManaged Portable Security Devices
Managed Portable Security Devices www.mxisecurity.com MXI Security leads the way in providing superior managed portable security solutions designed to meet the highest security and privacy standards of
More informationIBM Security Access Manager for Enterprise Single Sign-On Version 8.2.1. User Guide IBM SC23-9950-05
IBM Security Access Manager for Enterprise Single Sign-On Version 8.2.1 User Guide IBM SC23-9950-05 IBM Security Access Manager for Enterprise Single Sign-On Version 8.2.1 User Guide IBM SC23-9950-05
More informationRSA SecurID Software Token 3.0 for Windows Workstations Administrator s Guide
RSA SecurID Software Token 3.0 for Windows Workstations Administrator s Guide Contact Information See our Web sites for regional Customer Support telephone and fax numbers. RSA Security Inc. RSA Security
More informationFrequently Asked Questions (FAQs) SIPRNet Hardware Token
Air Force Public Key Infrastructure System Program Office (ESC/HNCDP) Phone: 210-925-2562 / DSN: 945-2562 Web: https://afpki.lackland.af.mil Frequently Asked Questions (FAQs) SIPRNet Hardware Token Updated:
More informationAuthentication Solutions. Versatile And Innovative Authentication Solutions To Secure And Enable Your Business
Authentication Solutions Versatile And Innovative Authentication Solutions To Secure And Enable Your Business SafeNet Strong Authentication and Transaction Verification Solutions The Upward Spiral of Cybercrime
More informationServer-based Password Synchronization: Managing Multiple Passwords
Server-based Password Synchronization: Managing Multiple Passwords Self-service Password Reset Layer v.3.2-004 PistolStar, Inc. dba PortalGuard PO Box 1226 Amherst, NH 03031 USA Phone: 603.547.1200 Fax:
More informationProduct overview. CA SiteMinder lets you manage and deploy secure web applications to: Increase new business opportunities
PRODUCT SHEET: CA SiteMinder CA SiteMinder we can CA SiteMinder provides a centralized security management foundation that enables the secure use of the web to deliver applications and cloud services to
More informationNetIQ Advanced Authentication Framework - Client. User's Guide. Version 5.1.0
NetIQ Advanced Authentication Framework - Client User's Guide Version 5.1.0 Table of Contents 1 Table of Contents 2 Introduction 4 About This Document 4 NetIQ Advanced Authentication Framework Overview
More information