Citrix MetaFrame Password Manager Security Proposition
About this Document

Ensuring the integrity and security of our customers' data and corporate information pervades all aspects of design, testing and deployment at Citrix. Citrix MetaFrame Password Manager 2.0 is a direct result of our ongoing effort to secure access in an increasingly challenging IT environment. A key part of this effort is our dedicated security team, which trains our engineers, performs internal audits of the code base, and commissions independent third-party evaluations. To put MetaFrame Password Manager 2.0 through its paces, we hired Foundstone Strategic Security, experts in strategic security, to expose the system to a variety of threat scenarios.

This document provides a detailed look at MetaFrame Password Manager 2.0 and the results of the third-party evaluation. The first section explains the security features and benefits offered by MetaFrame Password Manager 2.0. The second section presents the findings from Foundstone.

This document includes:
(1) White Paper: Improving Security with Citrix MetaFrame Password Manager
(2) Third-Party Security Assessment: Foundstone Security Assessment of Citrix MetaFrame Password Manager 2.0
WHITE PAPER: Improving Security with Citrix MetaFrame Password Manager
CITRIX METAFRAME PASSWORD MANAGER, VERSION 2.0

Introduction

Citrix MetaFrame Password Manager is an enterprise single sign-on solution that simplifies user access to applications while enhancing security. This white paper describes the complementary ways in which MetaFrame Password Manager enhances security.
Contents

- Introduction
- Target Audience
- Finding More Information
- The Password Dilemma
- The Usual Trade-off
- MetaFrame Password Manager
- Improving Security with Enterprise Single Sign-On
- Components
- Nonintrusive Insertion
- Security Benefits
- Security Challenges
- Security Mechanisms
- Access to Credentials
- Credentials Storage
- Password Change
- Credentials Synchronization
- Event Logs
- Conclusion
TARGET AUDIENCE

This white paper is designed to meet the needs of IT security architects, engineers and other specialists, as well as technical evaluators of IT products. It is intended for readers with varying levels of exposure to single sign-on (SSO) solutions in general, and to Citrix MetaFrame Password Manager in particular. Readers new to SSO will benefit from reading the entire document. Readers who know SSO, but who are not familiar with MetaFrame Password Manager, can start at the section entitled Improving Security with Enterprise Single Sign-On. Readers who have intimate knowledge of MetaFrame Password Manager and who are interested in the inner security mechanisms can go directly to Security Mechanisms.

FINDING MORE INFORMATION

For assistance in deploying a secure MetaFrame Password Manager solution, the following documentation is available:

The Citrix MetaFrame Password Manager 2.0 Administrator's Guide (CTX102684) explains how to install and configure MetaFrame Password Manager on Windows, including password policy definition, password management automation and reauthentication settings.
The online Citrix Knowledge Base contains the following articles:
- Agent Security for MetaFrame Password Manager (CTX103189)
- GINA Chaining with the MetaFrame Password Manager Agent (CTX103185)
- Dealing with Forgotten Passwords and Forgotten Answers to the Secret Question (CTX103172)
- Choosing between Active Directory and File Share Synchronization for MetaFrame Password Manager (CTX103171)
- MetaFrame Password Manager in a Distributed File System Environment (CTX103186)
- File Synchronization Security for MetaFrame Password Manager (CTX103184)
- MetaFrame Password Manager Deployment Models and Scenarios (CTX103177)
- Recommendations for Using MetaFrame Password Manager with MetaFrame Secure Access Manager (CTX103188)

The Password Dilemma

Providing access to password-protected IT resources presents enterprises with a traditional dilemma: choosing between ease of use and security enforcement. Compromising in either direction to match the expectations of users or administrators has important security implications. What is needed is to combine strong password enforcement with minimal user involvement.
THE USUAL TRADE-OFF

Enterprises typically rely on the user to manage numerous passwords, even though security is especially susceptible to poor password protection. In particular, a user's natural inclination toward simplicity (using a single password whenever possible), poor memory (using a spouse's name), and carelessness (writing or recording passwords anywhere) can virtually eliminate the value of any security technology placed into the system, no matter what password policies are in place.

METAFRAME PASSWORD MANAGER

This is a single sign-on solution that reconciles security and usability interests to allow for an effective security strategy. Users authenticate only once with a single primary password (for domain authentication), possibly augmented with multifactor authentication devices, while MetaFrame Password Manager takes over the ongoing management of a user's secondary credentials for access to enterprise, Web and host-based applications, or any other password-protected IT resource. MetaFrame Password Manager increases security by centralizing the definition and activation of password policies, enforcing strong passwords, applying uniform safeguards around credentials, and imposing domain reauthentication parameters, for example to prevent walk-away breaches. Perhaps more importantly, MetaFrame Password Manager can tailor users' exposure to passwords, ultimately removing all user involvement in application logons and password change events. Shielding the user from all aspects of password management has clear usability merits, but it also benefits security significantly: when users are no longer exposed to their own passwords, they can no longer select, store, share or otherwise mishandle their credentials. Secure ease of use is achieved when MetaFrame Password Manager takes over the responsible management of a user's credentials.
Improving Security with Enterprise Single Sign-On

COMPONENTS

MetaFrame Password Manager consists of three primary software components: the agent, a central credential store and the administrator console. This document provides only a brief overview of the functionality of each component as it pertains to security. Further details on each component can be found in the Citrix MetaFrame Password Manager Evaluator's Guide, available from Citrix.

The Agent

The MetaFrame Password Manager agent acts on behalf of the end user, detecting and reacting automatically to password-related events. The user enters application credentials once at configuration time and then allows the agent to take over and perform all logons and password changes initiated by the applications. When a user attempts to access an application that requires authentication, the agent intercepts the application's request for authentication, retrieves the correct logon credentials from its encrypted local store, and supplies them to the application.
The Administrator Console

The console provides the administrator with control over all aspects of password management, but without providing any visibility into the actual user passwords. In particular, the console can activate individual applications for single sign-on, define strong password policies, automate agent interactions, and publish agent settings to the central store. More specifically, the administrator can configure any number of password policies with granular controls to ensure that the strongest password formation is enforced for every single application.

The Central Credential Store

All users' encrypted credentials are saved in a central store, deployed either as shared network folders or in Microsoft Active Directory. The credential store also contains the first-time-use settings, application configurations, and administrative override settings as defined by the administrator. This is the central repository for all data necessary to configure generic software agents into user-specific password managers. At session start-up, an agent retrieves a user's settings and encrypted credentials from the central store and saves them locally. The agent may then update a number of credentials during the session. Upon termination, the agent performs a final synchronization with the central store, ensuring that the credentials are consistent between the local and central stores (optionally, depending on administrator configuration, the agent may also synchronize them during the course of the session). All updates are consolidated in the central store so that users can reuse and maintain their credentials across sessions from any workstation within the domain.

NONINTRUSIVE INSERTION

The MetaFrame Password Manager agent ties into the authentication mechanisms already in place.
Upstream, it hooks into the winlogon authentication process (primary authentication); downstream, it interacts with the existing logon prompt of each individual application (secondary authentication). It does not disrupt the existing chain of command other than by generating, storing and submitting the credentials on behalf of the user. MetaFrame Password Manager needs no additional hardware or software changes, new adaptors or scripts, thus avoiding potential extraneous vulnerabilities.

Primary Authentication

MetaFrame Password Manager does not affect primary authentication. That stage is still handled using either common domain authentication (such as NTLM) or alternative authentication mechanisms based on password, smart card, token or biometrics. On Windows operating systems that use the GINA logon model, replacing the logon interface is a mechanism specified and supported by Microsoft: the Microsoft msgina.dll is replaced by the primary GINA.dll (Graphical Identification and Authentication dynamic-link library) of another authentication vendor. MetaFrame Password Manager chains its own ssogina.dll underneath the installed primary GINA.dll. This pass-through GINA performs some preprocessing in preparation for upcoming secondary authentications; MetaFrame Password Manager does not implement its own replacement user interface or authentication mechanism. Upon successful authentication with the domain controller, the primary GINA.dll passes the primary password to ssogina.dll. From that point on, the agent uses the primary password to unlock the user's credentials from the store and takes over full control of secondary authentications. Because the chained ssogina.dll receives the primary password in clear text from the GINA above it, the integrity of every DLL in the GINA chain matters: any tampered or malicious GINA in that chain would see the password as well. Once MetaFrame Password Manager submits the credentials, the application handles the authentication in the same way as when a user enters them manually.
Secondary Authentication

The agent runs locally to the logon prompt, be it the application's native interface, a Web form or a terminal emulator. MetaFrame Password Manager detects password events by uniquely identifying the login interface through Windows control IDs, window title, form name, or unique strings, regardless of the underlying application architecture. The agent simply provides logon credentials to the local prompt and relies on the individual applications to transmit credentials to their own data stores. From the perspective of an SSL-authenticated client-to-server connection, MetaFrame Password Manager sits entirely on the client side of the established tunnel. Therefore, the current communication flow between the front end of an application and the back end is not affected by the use of MetaFrame Password Manager.

SECURITY BENEFITS

The protective measures implemented in MetaFrame Password Manager address security threats tied to every constituent, namely end users, the agent, the credential store, synchronization links and administrators. The risk that an unintended individual abuses the rights of a legitimate user is minimized through the following mitigations.

Consolidated Credential Store

All credentials are stored encrypted by the agent in one consistent location. With all passwords stored securely in a uniform manner, the user no longer needs to disperse logon information across an ad hoc mix of handwritten notes and electronic files, which, despite the best efforts, remain all too exposed to the inquisitive onlooker.

Strong Passwords

Strong credentials are an effective means to thwart casual adversaries and structured dictionary attacks. The console allows for the definition of strong password policies and their activation for selected applications, whereas the agent enforces the policies whenever new passwords are created. A password policy can be specified for a single application, if required.
Administrators can specify how passwords must be created using the following criteria:
- The minimum and maximum number of characters in a password
- Whether alphabetic characters can be used in a password and, if so, whether they can be uppercase, lowercase, or a combination of both
- Whether numeric characters can be used in a password
- The minimum and maximum number of numeric characters in a password
- The number of times a character can be repeated in a password
- The use of special characters

This approach has significant advantages over password synchronization solutions that align domain logon and all applications on the lowest common password denominator (for example, a six-character limit for certain mainframe applications). Pure password synchronization solutions might force a very weak password for all logon authentications, and organizations may end up relaxing security severely for the sake of ease of use.
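As an added illustration (this is not Citrix code), the following Python models a password formation policy built from the criteria above and generates compliant random passwords the way the Password Change section later describes: characters are drawn from the operating system's CSPRNG (standing in for the Crypto API random generator the paper cites), and every generated password is checked by the same validator that would be applied to a user-chosen one. The policy field names, their defaults and the mainframe-style policy in the usage block are this example's own assumptions.

```python
import random
import string
from collections import Counter
from dataclasses import dataclass
from typing import List


@dataclass(frozen=True)
class PasswordPolicy:
    """Formation rules matching the console criteria listed above.

    Field names and defaults are this example's own (hypothetical), not console settings.
    """
    min_length: int = 12
    max_length: int = 20
    allow_upper: bool = True
    allow_lower: bool = True
    allow_digits: bool = True
    min_digits: int = 2
    max_digits: int = 6
    max_repeat: int = 2              # maximum occurrences of any single character
    allow_special: bool = True
    special_chars: str = "!#$%&*+-=?@_"

    def alphabet(self) -> str:
        chars = ""
        if self.allow_upper:
            chars += string.ascii_uppercase
        if self.allow_lower:
            chars += string.ascii_lowercase
        if self.allow_digits:
            chars += string.digits
        if self.allow_special:
            chars += self.special_chars
        if not chars:
            raise ValueError("policy permits no characters at all")
        return chars


def violations(policy: PasswordPolicy, password: str) -> List[str]:
    """Return every rule the password breaks; an empty list means it complies."""
    problems = []
    n = len(password)
    if not policy.min_length <= n <= policy.max_length:
        problems.append(f"length {n} outside {policy.min_length}-{policy.max_length}")
    digits = sum(c.isdigit() for c in password)
    if policy.allow_digits:
        if not policy.min_digits <= digits <= policy.max_digits:
            problems.append(f"{digits} digits outside {policy.min_digits}-{policy.max_digits}")
    elif digits:
        problems.append("digits not allowed")
    if not policy.allow_upper and any(c.isupper() for c in password):
        problems.append("uppercase not allowed")
    if not policy.allow_lower and any(c.islower() for c in password):
        problems.append("lowercase not allowed")
    specials = [c for c in password if not c.isalnum()]
    if specials and not policy.allow_special:
        problems.append("special characters not allowed")
    elif any(c not in policy.special_chars for c in specials):
        problems.append("special character outside the permitted set")
    if password:
        char, count = Counter(password).most_common(1)[0]
        if count > policy.max_repeat:
            problems.append(f"character {char!r} repeated {count} times")
    return problems


def generate_password(policy: PasswordPolicy, attempts: int = 1000) -> str:
    """Generate a random password that satisfies the policy.

    SystemRandom draws from the OS CSPRNG (os.urandom), a stand-in for the Crypto API
    generator. The digit count is pinned into its range up front; the remaining rules
    (such as repeats) are enforced by rejection sampling against the validator above.
    """
    rng = random.SystemRandom()
    alphabet = policy.alphabet()
    non_digits = "".join(c for c in alphabet if not c.isdigit())
    for _ in range(attempts):
        length = rng.randint(policy.min_length, policy.max_length)
        if policy.allow_digits and non_digits:
            need = rng.randint(min(policy.min_digits, length), min(policy.max_digits, length))
            digit_slots = set(rng.sample(range(length), need))
            candidate = "".join(
                rng.choice(string.digits) if i in digit_slots else rng.choice(non_digits)
                for i in range(length)
            )
        else:
            candidate = "".join(rng.choice(alphabet) for _ in range(length))
        if not violations(policy, candidate):
            return candidate
    raise RuntimeError("could not satisfy the policy; check that its rules are consistent")


if __name__ == "__main__":
    # A mainframe-style policy: 6 to 8 characters, no specials, one to three digits.
    mainframe = PasswordPolicy(min_length=6, max_length=8, allow_special=False,
                               min_digits=1, max_digits=3)
    for pol in (PasswordPolicy(), mainframe):
        pw = generate_password(pol)
        print(pw, violations(pol, pw))
    print(violations(PasswordPolicy(), "Password1"))
```

The point of the second policy is the one the paragraph above makes: a per-application policy lets the weak mainframe rule apply only to the mainframe, while the domain password and every other application keep the strong default.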
Hidden Credentials

Administrators also have the ability to hide the underlying application credentials from end users by automating the silent creation and submission of passwords by the agent. Hidden credentials help increase overall security since employees are unaware of the application's actual passwords and can only access these applications through company-approved mechanisms. This also prevents the hazards that may result from the casual lending of access rights to supposedly trusted co-workers, and eliminates the chance of an adversary snooping over one's shoulder. In addition, it limits the possibilities for password theft through social engineering techniques or outright coercion. Finally, hidden credentials reduce the urgency of deactivating application accounts when it comes time to deprovision an employee: once the domain account is disabled, the employee has no way of reaching the application passwords.

Automated Reauthentication

The agent can be configured to invoke domain reauthentication selectively for certain critical applications, or systematically upon the next application logon or password change event after a configurable time interval has expired. Given that enterprise-wide activation of password-protected screen savers has proven an elusive goal, IT administrators are now offered the possibility of configuring all agents to enforce a protective measure against walk-away breaches.

Passwords Not Exposed

Since the credentials are exchanged locally between the agent and the application, MetaFrame Password Manager does not introduce any new opportunity for sniffing the passwords over the network. In fact, the only time that credentials are ever transmitted on the network by MetaFrame Password Manager is for synchronization between the agent and the central credential store, in which case the credentials are always passed in their encrypted form.
Additionally, individual passwords are only deciphered for the brief interval during which the agent submits the credentials to the application, after which the password is discarded from memory. Not holding passwords in clear text limits their exposure to an off-line observer. In addition, the agent can be configured to flush the local credential store at the end of every session, thereby minimizing the risk of an off-line attack on the local encrypted store.

Resilient Architecture

MetaFrame Password Manager's only network component is the credential store, which itself plays no active part in performing the authentication. Moreover, the central store supports standard replication mechanisms to ensure availability of the data. Therefore, the MetaFrame Password Manager architecture can be configured to avoid a central point of failure, thus mitigating exposure to denial-of-service (DoS) attacks or other types of unplanned outages.

Supplemental Identity Verification

Application passwords are known only to the agent. An IT administrator is exposed to neither the clear text passwords nor their encryption keys. Nevertheless, MetaFrame Password Manager uses an identity verification question mechanism to help prevent administrators from abusing their permissions (for example, by resetting a user's domain password) to exploit a user's credentials.
SECURITY CHALLENGES

Given the seamless insertion between the primary and secondary authentication stages, MetaFrame Password Manager is essentially concerned with enforcing automated management of strong passwords. Consequently, the security challenges sit at the core of password handling. First, as a generator of passwords, MetaFrame Password Manager must ensure proper password randomization in the creation process, while observing the formation rules set by the administrator. Second, as the unique holder of a user's passwords, it must provide sufficient safeguards to ensure all credentials are kept thoroughly secure before, during, after and across agent sessions. Third, it must ensure that passwords can be recovered in the event of a primary password change, a forgotten primary password, or accidental corruption on the client. The next section describes the mechanisms implemented to ensure that MetaFrame Password Manager delivers single sign-on in a secure and reliable manner.

Security Mechanisms

ACCESS TO CREDENTIALS

When MetaFrame Password Manager is initially configured, the first domain authentication results in cryptographic keys being created and encrypted for the user. MetaFrame Password Manager's ssogina.dll generates a set of random cryptographic keys unique to the user and encrypts them using the domain password. On subsequent primary authentications, ssogina.dll invokes a similar mechanism to compute the values needed by the agent to recover the cryptographic keys. In any case, the agent deciphers individual credentials during logon events only. It then submits the credentials to the application, thus greatly limiting the window of opportunity for an adversary. The figure below illustrates the credentials unlocking mechanism.

[Figure: credentials unlocking mechanism. Steps 1 to 7 flow between the user, the primary GINA, the domain controller, ssogina.dll, the agent and the credential store; the credential store is shown holding only an encrypted value (X%r38z!xwd9l in the figure).]
1. The user enters the domain logon credentials.
2. The primary GINA submits the credentials for domain authentication.
3. The domain controller confirms successful domain authentication to the primary GINA.
4. The primary GINA passes the user ID, domain and primary password to ssogina.dll.
5. ssogina.dll preprocesses session values to be used by the agent.
6. At the password event, the agent retrieves the encrypted secondary credentials from the local store.
7. The agent decrypts the secondary credentials using the encryption keys and submits them locally to the application.

Since the primary password is used to protect the credentials' encryption keys, it is imperative for an organization to adopt strong primary passwords: an attacker who obtains a copy of the encrypted store can guess primary passwords off-line, and the store is only as strong as the password that unlocks it. One way to achieve strong passwords is to enforce Microsoft's recommended password policy guidelines. Authentication can also be augmented with physical factors (something you need to have in your possession) to complement or replace the secret password. The adoption of multifactor authentication devices such as tokens, smart cards or biometrics could prove a more viable alternative than simply increasing the complexity of the primary password at the user's expense.

Support for Multifactor Authentication

The current version of MetaFrame Password Manager already integrates with a wide variety of multifactor authentication devices. In anticipation of the broad adoption of multifactor authentication devices as an industry best practice, Citrix has established a dedicated initiative in the Citrix Alliance Partners program to support integration efforts from a growing array of multifactor authentication device vendors.

Note: Inserting ssogina.dll underneath the primary authentication stage facilitates support for multifactor authentication devices. Most strong authenticators chain their own replacement or supplementary GINA upstream.
For GINA-chaining purposes, third-party authenticators should be installed before installing MetaFrame Password Manager.

CREDENTIALS STORAGE

Repository

User data consist of configuration settings (application profiles, client settings, and so on) and application credentials (usernames, passwords, and third and fourth fields if required by an application). A credential store contains all the settings configured by administrators (enterprise-level configuration data and individual user/client settings), along with an encrypted version of each individual user's credentials. These confidential credentials never appear in clear text in the store. A replica of a user's credentials is stored in two locations:
- A local credential store
- A central credential store
Access to a user's credentials is controlled through file permissions (security and sharing permissions) on both credential stores. The local store consists of a single binary, memory-mapped file (MMF) and contains all configuration data and confidential credentials for that user. The central credential store has multiple folders and files, and it can use either Microsoft Active Directory or a File Share folder. In a File Share implementation, permissions are set so that only the valid user and administrator can access the credentials. In an Active Directory deployment, each user has his or her own user directory in the tree; the permissions on this directory are configured to allow access by the user and the administrators only (Citrix provides the Active Directory schema extensions required). In either case, even if access controls were bypassed, there is no direct visibility into the confidential data, since the keys are known only to the local agent holding the valid user's primary password; what remains exposed is off-line guessing of that primary password, which is why strong primary passwords matter. No user has access to another user's confidential data.

Resilience of the store is achieved through replication. The Active Directory configuration automatically leverages the built-in replication feature of Active Directory to create multiple data stores. With File Share, replication can be configured using the distributed file system (DFS) features of Windows 2000 or

Encryption

The Microsoft Crypto API is used for all cryptographic functions performed by MetaFrame Password Manager. The Crypto API cryptographic service providers contain all necessary functions for encryption, hashing and random number generation. Only approved U.S. Federal Information Processing Standards (FIPS) algorithms are used: hashing is performed using the SHA-1 algorithm, and encryption uses TripleDES. NIST has since deprecated both SHA-1 and TripleDES for new designs, so a deployment being evaluated today should confirm which algorithms its cryptographic service provider actually applies. The use of the Microsoft Crypto API library also gives the flexibility to support alternative encryption algorithms in the future.
Cryptographic Keys

Unique random cryptographic keys are generated for each user. These keys are used to encrypt an individual user's confidential credentials and, conversely, to decrypt individual credentials when an application logon event is detected. In all instances, encryption and decryption of the credentials are performed only by the agent.

To protect these cryptographic keys, MetaFrame Password Manager encrypts them using a protection key. The protection key is derived from the primary password: typically the user-supplied password as returned by msgina.dll, or some hidden password in the case of most strong authenticators. MetaFrame Password Manager hashes that value together with a random salt, then derives an encryption key (the protection key) from the salted hash. The credential encryption flow is illustrated in the figure on the following page.

Note: A hash is a function that maps any data element to a binary string of a fixed bit length. This mapping has two essential properties. First, it is deterministic, and for a sound algorithm the chance that two distinct elements map to the same hash value is negligible, so a hash serves as a unique marking for the original data without carrying any of its information. Second, and more importantly, the hash is a one-way function: the hashing algorithms are public knowledge, but it is computationally infeasible to reconstruct the original data from its hash value alone.
In essence, a hash is a unique identifier for a data element that reveals nothing about the actual data. This property is particularly well suited to proving knowledge of a password while avoiding password sniffing. However, knowing the hash function, an attacker could compute the hash values of a predetermined set of candidate data elements in advance and then identify any source value whose hash matches an entry in that list. This is what a dictionary attack consists of: a precalculation of the most likely hash values. A salt tackles this problem: when a random salt is combined with the original data element before hashing, the hash value changes with the salt, so a precomputed dictionary no longer matches and the attacker has to start over for every salt value. The derived encryption key is used to protect the cryptographic keys. The credential decryption flow is illustrated in the figure below.

[Figure: credential decryption flow, steps 1 to 5.]
1. The user enters his domain password.
2. The password is transformed into a protection key via Crypto API.
3. The protection key is used to recover the cryptographic key via Crypto API.
4. The user's confidential credentials are decrypted via Crypto API.
5. The application user ID and password are submitted to the application.

Identity Verification Phrase

A verification phrase is used as a backup mechanism to recover the user's credentials in the event the primary password is lost, changed or reset. During the initial setup of MetaFrame Password Manager, the user selects a predefined question from a list (for example, city/state/year of father's birth, or year/street/price of the first house), the answer to which, also referred to as the verification phrase, completes the authentication. Administrators must avoid defining verification questions that return simplistic answers and result in an easy guess, such as "What is your favorite color?"
Questions that combine several data elements, as in the examples above, are highly recommended. The verification phrase also provides an incremental measure against the compromise of a domain password. With the identity verification question, even when a domain password is reset, it is not possible to use the confidential credentials without knowing the user's verification phrase.
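The key hierarchy described under Cryptographic Keys and the recovery path described under Identity Verification Phrase, as an added Python example that is not Citrix code. A random per-user credential key encrypts the credential records; that key is wrapped under a protection key derived from a salted one-way function of the primary password. Three substitutions and one assumption are this example's own: PBKDF2-HMAC-SHA256 stands in for the Crypto API SHA-1 salted hash, an HMAC-SHA256 keystream with encrypt-then-MAC stands in for TripleDES, the class and function names are hypothetical, and the credential key is assumed to be wrapped a second time under a key derived from the verification phrase (the paper says the phrase is salted, hashed and stored, but does not detail how it recovers the credentials). The sample secrets and the value X%r38z!xwd9l from the figure are constructed test data.

```python
import hashlib
import hmac
import json
import os
from typing import Dict, Optional

PBKDF2_ROUNDS = 50_000   # illustrative work factor, not a Citrix figure


def derive_protection_key(secret: str, salt: bytes) -> bytes:
    """Salted one-way derivation of the protection key from the primary password
    (or the verification phrase). PBKDF2-HMAC-SHA256 replaces the Crypto API
    SHA-1 salted hash the paper describes (assumption)."""
    return hashlib.pbkdf2_hmac("sha256", secret.encode("utf-8"), salt, PBKDF2_ROUNDS, dklen=32)


def _subkey(key: bytes, purpose: bytes) -> bytes:
    return hmac.new(key, purpose, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode as a PRF; a stand-in for TripleDES via Crypto API.
    out, block = b"", 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + block.to_bytes(4, "big"), hashlib.sha256).digest()
        block += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC under separate subkeys; output is nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(_subkey(key, b"enc"), nonce, len(plaintext))))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_sealed(key: bytes, blob: bytes) -> bytes:
    """Verify the tag first, then decrypt. A wrong key or tampering raises ValueError."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong protection key or tampered store")
    return bytes(a ^ b for a, b in zip(ct, _keystream(_subkey(key, b"enc"), nonce, len(ct))))


class LocalStore:
    """One user's local store: a random credential key, wrapped twice, plus sealed records.

    Assumption (not stated on the page): the credential key is also wrapped under a key
    derived from the verification phrase, so the phrase recovers the credentials after a
    domain password reset without any record being re-encrypted.
    """

    def __init__(self, primary_password: str, verification_phrase: str) -> None:
        cred_key = os.urandom(32)                      # unique per user, never leaves the agent
        self.pw_salt = os.urandom(16)
        self.phrase_salt = os.urandom(16)
        self.wrapped_by_password = seal(derive_protection_key(primary_password, self.pw_salt), cred_key)
        self.wrapped_by_phrase = seal(derive_protection_key(verification_phrase, self.phrase_salt), cred_key)
        self.records: Dict[str, bytes] = {}            # application -> sealed credential record

    def _unlock(self, primary_password: Optional[str] = None, phrase: Optional[str] = None) -> bytes:
        if primary_password is not None:
            return open_sealed(derive_protection_key(primary_password, self.pw_salt), self.wrapped_by_password)
        return open_sealed(derive_protection_key(phrase, self.phrase_salt), self.wrapped_by_phrase)

    def unlock_ok(self, primary_password: str) -> bool:
        try:
            self._unlock(primary_password)
            return True
        except ValueError:
            return False

    def store_credential(self, primary_password: str, app: str, username: str, password: str) -> None:
        key = self._unlock(primary_password)
        self.records[app] = seal(key, json.dumps({"user": username, "pw": password}).encode())

    def credential_for(self, primary_password: str, app: str) -> dict:
        key = self._unlock(primary_password)           # decrypted only at the logon event
        return json.loads(open_sealed(key, self.records[app]))

    def rewrap_after_reset(self, phrase: str, new_primary_password: str) -> None:
        """After an administrator resets the domain password: recover the credential key
        through the verification phrase and wrap it under the new primary password."""
        key = self._unlock(phrase=phrase)
        self.pw_salt = os.urandom(16)
        self.wrapped_by_password = seal(derive_protection_key(new_primary_password, self.pw_salt), key)


if __name__ == "__main__":
    store = LocalStore("Corr3ct-Horse!", "Boston MA 1951")           # constructed sample secrets
    store.store_credential("Corr3ct-Horse!", "mainframe", "jdoe", "X%r38z!xwd9l")
    print(store.credential_for("Corr3ct-Horse!", "mainframe"))
    print(store.unlock_ok("N3w-Pass!word"))                           # False: a reset alone unlocks nothing
    store.rewrap_after_reset("Boston MA 1951", "N3w-Pass!word")
    print(store.credential_for("N3w-Pass!word", "mainframe")["pw"])
```

The usage block walks the administrator-reset case from the paragraph above: after the domain password is changed to a value the user never typed, the new password by itself cannot open the store; only the verification phrase can recover the credential key, after which the key is re-wrapped under the new password. Because only the wrapping changes, the encrypted records are left untouched, which is what makes a primary password change cheap.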
The IT administrator can define the list of identity verification questions presented to the users, and the verification phrase has a minimum length requirement. Once the user picks a question and enters the verification phrase, the phrase is hashed with a salt, along with other variables, and then stored locally. Again, the verification phrase is never stored in clear text.

PASSWORD CHANGE

When an application requests a password change, MetaFrame Password Manager intercepts the request and can generate a random password without the user being aware of it. MetaFrame Password Manager ensures that all randomly generated passwords meet the intended level of security by enforcing the password formation policies. Random passwords are generated by calling the random number generator of one of the Crypto API cryptographic service providers.

CREDENTIALS SYNCHRONIZATION

Synchronization is required in order to keep all agents up to date with the latest changes to credentials. As an example, a user might invoke an application published on a MetaFrame Presentation Server farm. This session might execute on a different server than the one used in the previous session. Since the agent runs locally to the application, password updates made on a different server in a previous session must somehow be known to the ongoing session, regardless of the node on which it is currently running. Furthermore, the central credential store also proves an effective backup and restore solution in the event the client gets corrupted.

Updates

Credential synchronization is performed at the record level. The agent compares the encrypted credential records from the local store and the central store and merges them by date and time, overwriting the older records with the newer. If over the course of the session a password change is required, this will also be reflected in the user's local credential store.
During the next synchronization, the central credential store receives all updated credential records. Again, all credentials are passed in their encrypted form. Should the administrator configure the agent to delete the local credential store on shutdown, a synchronization is forced at start-up. An administrator can also control how often synchronization occurs through settings available in the console. Synchronizing end-user credentials to a central credential store enables mobility, eases deployment and simplifies administration.

Recovery

The central credential store also provides for credential recovery. Should a user's local store become corrupted or deleted, the credentials can still be restored from the central store. In this event, the next time the agent is executed, a synchronization occurs and a new copy of the user's local credential file is created. In the case where the agent's binary executable becomes corrupted, the agent has to be reinstalled, but the installation process reuses the existing local credential store and user information. The agent detects the current settings and resumes execution.
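The record-level merge described under Updates and the start-up recovery described under Recovery, as an added Python model that is not the Citrix agent's code. Each record carries an opaque encrypted blob and its modification time; the merge never decrypts anything, it only decides per application which copy is newer and which direction it has to travel. The function names, the `Record` layout and the sample records with their timestamps are this example's own constructions.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Record:
    app: str             # application the credential belongs to
    blob: bytes          # credential as encrypted by the agent; opaque to the merge
    modified: datetime   # when the agent last changed it (timezone-aware)


Store = Dict[str, Record]


def merge_stores(local: Store, central: Store) -> Tuple[Store, List[str], List[str]]:
    """Record-level merge of the local and central stores by modification time.

    Returns the merged view plus which apps must be pushed to the central store and
    which must be pulled down to the local store. Blobs are copied, never decrypted.
    """
    merged: Store = {}
    push: List[str] = []
    pull: List[str] = []
    for app in sorted(set(local) | set(central)):
        loc, cen = local.get(app), central.get(app)
        if loc is None:                       # only central has it: new workstation or flushed store
            merged[app] = cen
            pull.append(app)
        elif cen is None:                     # created locally during this session
            merged[app] = loc
            push.append(app)
        elif loc.modified > cen.modified:     # local password change wins
            merged[app] = loc
            push.append(app)
        elif cen.modified > loc.modified:     # another session changed it first
            merged[app] = cen
            pull.append(app)
        else:                                 # same timestamp: nothing to transfer
            merged[app] = cen
    return merged, push, pull


def synchronize(local: Store, central: Store) -> Tuple[Store, Store]:
    """Apply one synchronization: both stores end up holding the merged record set."""
    merged, push, pull = merge_stores(local, central)
    new_central = dict(central, **{app: merged[app] for app in push})
    new_local = dict(local, **{app: merged[app] for app in pull})
    return new_local, new_central


def recover_local(central: Store) -> Store:
    """Start-up after the local file was deleted or corrupted: everything is pulled."""
    return synchronize({}, central)[0]


def _t(hour: int) -> datetime:
    return datetime(2004, 5, 17, hour, 0, tzinfo=timezone.utc)


# Constructed sample data: blobs stand for ciphertext, timestamps for record change times.
LOCAL: Store = {
    "mainframe": Record("mainframe", b"enc:mainframe:v1", _t(10)),
    "crm":       Record("crm",       b"enc:crm:v2",       _t(12)),   # changed this session
}
CENTRAL: Store = {
    "mainframe": Record("mainframe", b"enc:mainframe:v2", _t(11)),   # changed from another server
    "webmail":   Record("webmail",   b"enc:webmail:v1",   _t(9)),
}

if __name__ == "__main__":
    merged, push, pull = merge_stores(LOCAL, CENTRAL)
    print("push:", push, "pull:", pull)
    for app, rec in merged.items():
        print(app, rec.blob, rec.modified.isoformat())
```

One consequence of merging purely by date and time, which the paper does not discuss, is that the decision depends on the clocks of the servers that wrote the records: a server whose clock runs behind can have its newer password change overwritten by an older copy. Keeping the farm's clocks synchronized is therefore part of keeping credentials consistent.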
EVENT LOGS

The agent logs all single sign-on events to the Windows Event Log, building toward the consolidation of all audit and reporting views provided by the central Microsoft platform. Administrators can also configure the level of event logging within MetaFrame Password Manager. The agent reports all events related to:
- Credential use
- Credential changes
- MetaFrame Password Manager events
- MetaFrame Password Manager feature use

MetaFrame Password Manager helps organizations comply with mandated information security regulations, such as the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA), and the Sarbanes-Oxley Act (SOX).

Conclusion

Citrix MetaFrame Password Manager is a single sign-on solution that improves enterprise security, in particular for those organizations that still rely on individuals to manage their own passwords. MetaFrame Password Manager stores, submits, updates and recovers application passwords in a secure manner through the following mechanisms:
- Definition of password formation policies and systematic enforcement of strong passwords
- Automation of all aspects of application password management, which can ultimately be tailored to shield end users from any password-related responsibility
- No credentials in clear text in the store or over the network; only FIPS-approved cryptographic algorithms used
- Synchronization and recovery performed through the central credential store
- Seamless interoperability with most multifactor authentication devices

MetaFrame Password Manager delivers user convenience in a secure manner. It provides IT administrators with practical means of enforcing uniform security policies across the organization and limiting user access to company-approved mechanisms. Citrix MetaFrame Password Manager is a single sign-on solution that effectively reconciles the security and usability interests of large and small enterprises alike.
Citrix MetaFrame Password Manager 2.0 Security Assessment
An Analysis by Foundstone, Inc.
April, 2004
Table of Contents

Introduction and Background
Summary
Scope and Approach
Findings and Recommended Product Enhancements
About Foundstone, Citrix and This Report

Foundstone, Inc. All Rights Reserved
Introduction and Background

The Citrix MetaFrame Password Manager 2.0 product, introduced in September 2003, provides enterprise-level single sign-on functionality, enabling users to authenticate just once with a single set of credentials to gain access to a variety of applications, systems and web sites that require secondary logons. Because the system centralizes the management and retention of user and password information, it would be considered a high value target by anyone seeking to compromise a computer environment.

Due to the impact that would be associated with the compromise of this product, Citrix commissioned an external security review of Citrix MetaFrame Password Manager 2.0 by Foundstone. The objective of this review was to determine the product's exposure to a variety of threat conditions that were considered to be the most likely avenues of attack against the Citrix MetaFrame Password Manager 2.0 product.

This paper describes the results of the security assessment of the Citrix MetaFrame Password Manager 2.0 product, which was conducted by Foundstone during March of. The remainder of this document describes:

- Foundstone's conclusions about the security of the Citrix MetaFrame Password Manager 2.0 product.
- The testing approach taken by Foundstone during the course of the evaluation.
- Findings and recommendations associated with the security assessment.
Summary

Foundstone concluded that the Citrix MetaFrame Password Manager 2.0 product was well designed from a security perspective. Strong encryption, buffer overflow prevention, appropriate use of operating system and registry permissions and the presence of anti-tampering techniques such as checksums to prevent unauthorized changes in data were all evidence of a solid security framework built into the product. Although several risk factors were noted during the assessment, Citrix was able to respond to each issue, either by providing recommended configuration settings to reduce the likelihood that the product would be deployed with the less secure option or, in one instance, by developing a fix to address the concern.

As described later in this document, there are other environmental factors that the product cannot be protected against, such as risks associated with the design of the applications that Citrix MetaFrame Password Manager 2.0 interacts with and risks that are associated with the Windows operating system. While all of those risks are real, they do not speak to the security engineered into the Citrix MetaFrame Password Manager 2.0 product. Within this context, Citrix has utilized good security practices and has developed a solid platform.

Foundstone believes that the Citrix MetaFrame Password Manager 2.0 product demonstrates a solid approach to security and conforms with best practices Foundstone has seen in the software industry. The major testing areas, findings and recommendations are reflected in the table below:
Test Cases, Results and Risk

Test 1
Objective: Does the product prevent end users from gaining access to other user settings and credentials?
Result: Yes. Credential information could not be viewed or modified with both file server based and Active Directory based central credential stores. With a file server based central credential store, other non-sensitive data, such as application settings and configuration options, could be viewed but not modified.
Risk: Low

Test 2
Objective: Does the product prevent administrators from gaining access to other user settings or credentials?
Result: Yes. Administrators cannot view or alter credential information but can view and alter non-sensitive data such as application URLs and configuration names.
Risk: Low

Test 3
Objective: Are end users and administrators protected against attempts to gain access to their settings and credentials via brute force attacks?
Result: Yes. Verified in testing. Data is encrypted using TripleDES encryption.
Risk: None identified

Test 4
Objective: Are end user credentials properly protected with encryption when stored centrally or locally?
Result: Yes. Strong TripleDES salted encryption is used. Each user's data is encrypted using per-user keys.
Risk: None identified

Test 5
Objective: Are end user credentials properly protected with encryption while being transmitted?
Result: Yes. Only non-sensitive settings can be sniffed during synchronization. All credential information is encrypted.
Risk: Low

The definitions of the risk ratings listed in the table above are:

High Risk: The vulnerability would allow an attacker to gain access to sensitive information such as authentication credentials, and the likelihood that the exploit could be exercised is relatively high because the knowledge required is not considered rare or there are few safeguards that would prevent such an attack.

Medium Risk: The vulnerability would allow an attacker to gain access to sensitive information such as authentication credentials, but there are mitigating conditions such as policies, procedures or physical factors that would reduce the likelihood the exploit would be successfully exercised.

Low Risk: The vulnerability would allow an attacker to gain access to non-sensitive information such as application settings, application history or configuration options.
Scope and Approach

This section describes the testing approach taken by Foundstone. In addition, the scope of the testing is discussed here in order to clearly describe several activities that were outside the primary objectives of this review.

The assessment was performed as a black-box review in which Foundstone was provided with the same information that any purchaser of the software would have. Specifically, Foundstone had access to the installation disks and associated documentation, but no information about the source code or architecture of the product was provided by Citrix.

The review was composed of the following major steps:

1. Established a test environment that allowed three product configurations (desktop, server and mixed modes), two operating system scenarios (Windows 2000 and Windows XP) and two synchronization deployments (Active Directory and File Share) to be evaluated.
2. Reviewed product documentation and other publicly available product information to finalize an attack tree and testing objectives.
3. Monitored the installations of the product to attempt to gain intelligence about the product and its architecture.
4. Conducted tests of the product's security in desktop, mixed and server modes in the two deployments (Active Directory and File Share) for two different operating environments: Windows 2000 and Windows XP.
5. Summarized the findings from the testing, noting both positive aspects and areas for improvement.

Several different attack scenarios were assessed during the testing. Foundstone assembled a detailed attack tree that contained all scenarios Foundstone could identify that would allow it to assess how well passwords were protected from inappropriate exposure. The following situations were reflected in the attack tree:

- Verify that one user cannot view another user's information.
- Assess whether malicious administrators can access or change another user's or administrator's information.
- Determine if the application is susceptible to a brute force attack against the credential store.
- Verify that sensitive data is encrypted when at rest within the application.
- Verify that data is encrypted when being transmitted between the central credential store and the Citrix MetaFrame Password Manager agent.
For the purposes of this assessment, sensitive data was considered to be authentication credentials, while non-sensitive data was considered to be application settings, application history and user configuration options. All references in the Findings and Recommendations section use these definitions.

A number of different tools were used to perform the testing. Those tools were:

- Filemon: used to monitor file and DLL access and modification
- Regmon: used to monitor registry access and modification
- APImon: used to monitor API calls
- Ethereal: used to capture network traffic
- SoftIce: software debugger used to reverse engineer Citrix
- IDAPro: software disassembler used for binary analysis and reverse engineering
- Dumpbin: binary analysis tool

This exercise focused primarily on evaluating the Citrix MetaFrame Password Manager 2.0 product, not vulnerabilities within the operating environment in which it resides. Accordingly, Foundstone did not focus extensively on the environmental risk associated with:

- Vulnerabilities in other applications that may be installed on the same platform as the Citrix MetaFrame Password Manager 2.0 product.
- Vulnerabilities within the operating system that may allow an administrator to compromise the system level passwords.

Consequently, activities that could be performed by rogue system administrators, such as installing Trojans, executing keystroke loggers to capture user credentials or cracking the NTLM hash, were considered to be outside the scope of this assessment. While all of those activities were possible, none speak to the security engineered into the Citrix MetaFrame Password Manager 2.0 product, which was the focus of this effort. These vulnerabilities are inherent in the Windows operating system environment and exist irrespective of the presence or absence of the Citrix MetaFrame Password Manager 2.0 product.

Overall, the focus during this security assessment was on issues associated with the design and implementation of the Citrix MetaFrame Password Manager 2.0 product that would expose users or organizations to unnecessary risk. As in any security assessment, the scope of Foundstone's testing activities was not confined to the identification of vulnerabilities. Foundstone also identified positive findings that reflect strong security practices, and those instances have been summarized in the Findings and Recommended Product Enhancements section of this document.
Findings and Recommended Product Enhancements

This section describes the major findings and associated recommendations made to Citrix that were identified during the security assessment. The positive findings are listed at the beginning of this section, while additional findings are organized by the major testing areas described in the Scope and Approach section of this document.

There were a number of positive findings during the security assessment that clearly indicate security was a major consideration during the design and development of Citrix MetaFrame Password Manager 2.0. The major positive observations included:

- Strong encryption using the Triple-DES algorithm is used to protect sensitive information in the central credential store. This limits the ability of users and administrators to gain access to sensitive information.
- Debugging tools cannot be used effectively to obtain additional information about the way the application processes data.
- Operating system and registry permissions restrict a user from writing to another user's settings.
- Citrix MetaFrame Password Manager 2.0 protects against an administrator changing a user's password to gain access to the credential store by requiring the user to answer a secret question when a password is changed.
- Citrix MetaFrame Password Manager 2.0 guards against brute force attacks on the credential store by allowing only three attempts to guess authentication credentials before logging the user out and requiring the user to log back into Windows. This safeguard, in conjunction with the strong encryption algorithm used, makes a brute force attack impractical to execute.
- Anti-tampering techniques and checksums have been utilized to prevent alterations to user registry information, the central password store data and password synchronization data.
- Secure coding practices or some form of consistent development guidelines appear to have been in effect, given that no buffer overflow conditions were identified in the application.

While many positive aspects were noted during this review, there were also some areas where improvements could be made. In the sections below, Foundstone has summarized the findings and recommendations associated with each of the major attack vectors described earlier in this document.
1. Appropriate Separation of User Information

Finding 1.1
Impact: Low
Mitigation: Configure Windows file share access controls to limit user access

No security issues were identified that would allow one user to obtain information about another user's authentication credentials. While some limited information could be obtained about other users, this information is not deemed sensitive and was viewed as a low risk item. Specifically, the only information that one user could obtain about another user was their Password Manager settings, the names of the applications they had accessed and the URLs of the applications. The Password Manager settings information was available in both the file share and Active Directory central credential stores. However, the application and URL information was available only in the file share central credential store.

Recommended Enhancement: Foundstone's recommendation was to change the Windows file share access controls for the central password store to prevent one user from being able to view another user's information. Ideally, this would be done in the installation process so that no decisions would be required by the installer.

2. Protection Against Malicious Administrator Activity

Finding 2.1
Impact: Medium
Mitigation: Apply Citrix hot fix MPME100W001

One of the most significant findings of the review was that authentication credentials were occasionally found to be encoded but not encrypted in both the desktop and mixed modes. Credentials encoded with the base64 algorithm could be decoded and, consequently, it would have been possible for an administrator to gain access to user credentials in those situations. It is important to note that this risk only exists in the event an administrator inadvertently fails to configure the agent to point to a central credential store. Such a deployment would confine the user to standalone operation with no synchronization capability for secondary credentials and administrative settings, a configuration that is unlikely to be encountered in a typical Password Manager deployment. This was a medium risk finding due to the fact that a malicious administrator would have the ability to obtain user authentication credentials in these cases.
In response to the finding described above, Citrix engineered a fix (MPME100W001) that encrypts user authentication credentials so that the unencrypted credentials are no longer available. Foundstone tested the effects of the fix and verified that it could no longer identify unencrypted user credentials.

Finding 2.2
Impact: Low
Mitigation: None

A second finding was that it was possible in mixed mode to alter the user's application settings, including URLs, and have that information be posted when the user synchronized with the server. This issue would allow an administrator to alter the history associated with user activity. This was considered to be a low risk vulnerability because there is little value in being able to alter history information associated with a user's activity.

Recommended Enhancement: Foundstone recommended that Citrix consider performing integrity checking on the central store URL and application settings to prevent an administrator from altering user history. However, based on the little risk associated with this finding, it is not clear that there is sufficient benefit to warrant making the change.

3. Protection Against Credential Store Brute Force Attacks

Finding 3.1
Impact: Low
Mitigation: Encourage strong password formation policies on primary passwords

The only finding in this area was that it is possible to determine whether a user account has a blank network password, as well as the approximate length of a non-blank network password. This was considered to be a low risk finding since it provides insight into the best accounts to focus a brute force attack upon, but the encryption algorithm still makes it difficult to take advantage of this information. Furthermore, Citrix's documentation recommends that strong network passwords be required to reduce the likelihood that this will be an effective avenue of attack.

Recommended Enhancement: The current practices used to prevent a brute force attack against the credential store appeared to be appropriate and are consistent with industry best practices. The only recommendation was to consider implementing an approach to make it more difficult to detect a blank password or determine its approximate length. A possible approach to accomplish this is via integrity controls such as a keyed hash algorithm.
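Finding 3.1 and its recommended enhancement, as an added example that is not Citrix's or Foundstone's code: SealNaive encrypts a password the way a plain 3DES-CBC record would, so the ciphertext length alone tells an observer whether the password is blank and roughly how long it is; SealFixed and OpenFixed pad every record into a fixed-size slot and append an HMAC-SHA256 keyed hash, which is one way to realise the integrity control the report suggests. The fixed-size slot, the record layout and the sample keys are assumptions made here, not details of the product.

```go
// Added example (not Citrix or Foundstone code): a record encrypted block by block
// leaks a blank password and its rough length; a fixed slot plus an HMAC hides that.
package main

import (
	"bytes"
	"crypto/cipher"
	"crypto/des"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
	"io"
)

const slotSize = 128 // fixed plaintext slot, a multiple of the 8-byte DES block

// Constructed sample keys. A real deployment derives per-user keys, as the
// assessment notes, and never hard-codes them.
var (
	encKey = []byte("0123456789abcdef01234567") // 24 bytes for 3DES
	macKey = []byte("constructed-sample-mac-key")
)

// tdes builds the 3DES cipher; the key length is fixed, so an error is a bug.
func tdes() cipher.Block {
	b, err := des.NewTripleDESCipher(encKey)
	if err != nil {
		panic(err)
	}
	return b
}

// cbcEncrypt returns IV || 3DES-CBC(pt) under a fresh random IV.
// len(pt) must already be a multiple of the block size.
func cbcEncrypt(pt []byte) ([]byte, error) {
	out := make([]byte, des.BlockSize+len(pt))
	if _, err := io.ReadFull(rand.Reader, out[:des.BlockSize]); err != nil {
		return nil, err
	}
	cipher.NewCBCEncrypter(tdes(), out[:des.BlockSize]).CryptBlocks(out[des.BlockSize:], pt)
	return out, nil
}

// SealNaive encrypts the PKCS#7-padded password as-is. The ciphertext grows in
// 8-byte steps, so its length reveals a blank password and roughly how long a
// non-blank one is (the pattern behind Finding 3.1).
func SealNaive(password []byte) ([]byte, error) {
	n := des.BlockSize - len(password)%des.BlockSize
	padded := append(append([]byte{}, password...), bytes.Repeat([]byte{byte(n)}, n)...)
	return cbcEncrypt(padded)
}

// SealFixed writes the password into a fixed-size slot (2-byte length prefix,
// zero fill) so every record has the same ciphertext length, then appends
// HMAC-SHA256 over IV||ciphertext so that edits or truncation are detected.
func SealFixed(password []byte) ([]byte, error) {
	if len(password) > slotSize-2 {
		return nil, errors.New("password too long for slot")
	}
	slot := make([]byte, slotSize)
	binary.BigEndian.PutUint16(slot, uint16(len(password)))
	copy(slot[2:], password)
	ct, err := cbcEncrypt(slot)
	if err != nil {
		return nil, err
	}
	mac := hmac.New(sha256.New, macKey)
	mac.Write(ct)
	return mac.Sum(ct), nil // IV || ciphertext || tag
}

// OpenFixed checks the tag in constant time before touching the ciphertext.
func OpenFixed(record []byte) ([]byte, error) {
	if len(record) != des.BlockSize+slotSize+sha256.Size {
		return nil, errors.New("unexpected record length")
	}
	ct, tag := record[:len(record)-sha256.Size], record[len(record)-sha256.Size:]
	mac := hmac.New(sha256.New, macKey)
	mac.Write(ct)
	if !hmac.Equal(tag, mac.Sum(nil)) {
		return nil, errors.New("integrity check failed")
	}
	slot := make([]byte, slotSize)
	cipher.NewCBCDecrypter(tdes(), ct[:des.BlockSize]).CryptBlocks(slot, ct[des.BlockSize:])
	n := int(binary.BigEndian.Uint16(slot))
	if n > slotSize-2 {
		return nil, errors.New("corrupt length field")
	}
	return slot[2 : 2+n], nil
}

func main() {
	blank, _ := SealNaive([]byte(""))                             // constructed: blank password
	long, _ := SealNaive([]byte("correct horse battery staple")) // constructed sample
	fmt.Println("naive record lengths leak:", len(blank), "vs", len(long), "bytes")
}
```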
More informationContents. Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008
Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008 Contents Authentication and Identity Assurance The Identity Assurance continuum Plain Password Authentication
More informationZENworks 11 Support Pack 4 Full Disk Encryption Agent Reference. May 2016
ZENworks 11 Support Pack 4 Full Disk Encryption Agent Reference May 2016 Legal Notice For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government
More informationApplication Security WHY NETWORK FIREWALLS AND INTRUSION PREVENTION SYSTEMS AREN T ENOUGH
W H I T E P A P E R Application Security WHY NETWORK FIREWALLS AND INTRUSION PREVENTION SYSTEMS AREN T ENOUGH Table of Contents 2 Network Firewalls: Notable Facts Why that s good Why that s not good enough
More informationEnsuring the security of your mobile business intelligence
IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive
More informationTechnical White Paper BlackBerry Security
Technical White Paper BlackBerry Security For Microsoft Exchange Version 2.1 Research In Motion Limited 2002 Research In Motion Limited. All Rights Reserved Table of Contents 1. INTRODUCTION... 1 2. ARCHITECTURE...
More informationWHITE PAPER AUGUST 2014. Preventing Security Breaches by Eliminating the Need to Transmit and Store Passwords
WHITE PAPER AUGUST 2014 Preventing Security Breaches by Eliminating the Need to Transmit and Store Passwords 2 WHITE PAPER: PREVENTING SECURITY BREACHES Table of Contents on t Become the Next Headline
More informationDashlane Security Whitepaper
Dashlane Security Whitepaper November 2014 Protection of User Data in Dashlane Protection of User Data in Dashlane relies on 3 separate secrets: The User Master Password Never stored locally nor remotely.
More informationFINAL DoIT 04.01.2013- v.8 APPLICATION SECURITY PROCEDURE
Purpose: This procedure identifies what is required to ensure the development of a secure application. Procedure: The five basic areas covered by this document include: Standards for Privacy and Security
More informationRSA Authentication Manager 7.1 Security Best Practices Guide. Version 2
RSA Authentication Manager 7.1 Security Best Practices Guide Version 2 Contact Information Go to the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com. Trademarks
More informationCitrix XenClient. Extending the benefits of desktop virtualization to mobile laptop users. www.citrix.com
Citrix XenClient White Paper Citrix XenClient Extending the benefits of desktop virtualization to mobile laptop users www.citrix.com Executive summary Desktop virtualization is attractive to organizations
More informationWHITE PAPER. Smart Card Authentication for J2EE Applications Using Vintela SSO for Java (VSJ)
WHITE PAPER Smart Card Authentication for J2EE Applications Using Vintela SSO for Java (VSJ) SEPTEMBER 2004 Overview Password-based authentication is weak and smart cards offer a way to address this weakness,
More informationMedia Shuttle s Defense-in- Depth Security Strategy
Media Shuttle s Defense-in- Depth Security Strategy Introduction When you are in the midst of the creative flow and tedious editorial process of a big project, the security of your files as they pass among
More informationetoken Single Sign-On 3.0
etoken Single Sign-On 3.0 Frequently Asked Questions Table of Contents 1. Why aren t passwords good enough?...2 2. What are the benefits of single sign-on (SSO) solutions?...2 3. Why is it important to
More informationCitrix Ready Solutions Brief. CA Single Sign-On and Citrix NetScaler: Quickly Adapt to Your Dynamic Authentication Demands. citrix.
CA Single Sign-On and Citrix NetScaler: Quickly Adapt to Your Dynamic Authentication Demands citrix.com/ready CA Technologies and Citrix have partnered to integrate their complementary, industry-leading
More informationHIPAA Security COMPLIANCE Checklist For Employers
Compliance HIPAA Security COMPLIANCE Checklist For Employers All of the following steps must be completed by April 20, 2006 (April 14, 2005 for Large Health Plans) Broadly speaking, there are three major
More informationHIPAA Security Alert
Shipman & Goodwin LLP HIPAA Security Alert July 2008 EXECUTIVE GUIDANCE HIPAA SECURITY COMPLIANCE How would your organization s senior management respond to CMS or OIG inquiries about health information
More informationCitrix OpenCloud Access. Accelerate cloud computing adoption and simplify identity management. www.citrix.com
Citrix OpenCloud Access White Paper Citrix OpenCloud Access Accelerate cloud computing adoption and simplify identity management www.citrix.com Executive summary Cloud-hosted application delivery models
More informationNetScaler SQL Intelligent Load Balancing. Scaling the Data Tier with. www.citrix.com
Scaling the Data Tier with Citrix NetScaler SQL Intelligent Load Balancing www.citrix.com Executive summary The growth of social networks, video, mobile and the Web in general has resulted in an explosion
More informationSalesforce1 Mobile Security Guide
Salesforce1 Mobile Security Guide Version 1, 1 @salesforcedocs Last updated: December 8, 2015 Copyright 2000 2015 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark of salesforce.com,
More informationSSO MetaFrame Password Manager
SSO MetaFrame Password Manager SSO METAFRAME PASSWORD MANAGER White Paper 1 What is Citrix MetaFrame Password Manager? The MetaFrame Password Manager is a component of the MetaFrame Access Suite from Citrix
More informationKeep Your Data Secure in the Cloud Using encryption to ensure your online data is protected from compromise
Protection as a Priority TM Keep Your Data Secure in the Cloud to ensure your online data is protected from compromise Abstract The headlines have been dominated lately with massive data breaches exposing
More informationHIPAA Security Matrix
HIPAA Matrix Hardware : 164.308(a)(1) Management Process =Required, =Addressable Risk Analysis The Covered Entity (CE) can store its Risk Analysis document encrypted and offsite using EVault managed software
More informationWindows Least Privilege Management and Beyond
CENTRIFY WHITE PAPER Windows Least Privilege Management and Beyond Abstract Devising an enterprise-wide privilege access scheme for Windows systems is complex (for example, each Window system object has
More information2007 Microsoft Office System Document Encryption
2007 Microsoft Office System Document Encryption June 2007 Table of Contents Introduction 1 Benefits of Document Encryption 2 Microsoft 2007 Office system Document Encryption Improvements 5 End-User Microsoft
More informationCitrix Password Manager Administrator s Guide. Citrix Password Manager Citrix Password Manager 4.5 Citrix Access Suite
Citrix Password Manager Administrator s Guide Citrix Password Manager Citrix Password Manager 4.5 Citrix Access Suite Copyright and Trademark Notice Use of the product documented in this guide is subject
More informationServer-based Password Synchronization: Managing Multiple Passwords
Server-based Password Synchronization: Managing Multiple Passwords Self-service Password Reset Layer v.3.2-004 PistolStar, Inc. dba PortalGuard PO Box 1226 Amherst, NH 03031 USA Phone: 603.547.1200 Fax:
More informationAdvanced virtualization management for Hyper-V and System Center environments. www.citrix.com
Advanced virtualization management for Hyper-V and System Center environments www.citrix.com Introduction Microsoft Hyper-V provides a dynamic, reliable and scalable virtualization platform enabling cost
More informationBuilding a better branch office. www.citrix.com
Building a better branch office www.citrix.com Introduction The majority of workers today are in branch offices, not in a headquarters facility. In many instances, all of the applications used by branch
More informationPREPARED BY: AUDIT PROGRAM Author: Lance M. Turcato. APPROVED BY: Logical Security Operating Systems - Generic. Audit Date:
A SYSTEMS UNDERSTANDING A 1.0 Organization Objective: To ensure that the audit team has a clear understanding of the delineation of responsibilities for system administration and maintenance. A 1.1 Determine
More informationAn Oracle White Paper December 2010. Implementing Enterprise Single Sign-On in an Identity Management System
An Oracle White Paper December 2010 Implementing Enterprise Single Sign-On in an Identity Management System Introduction Most users need a unique password for every enterprise application, causing an exponential
More informationidentity management in Linux and UNIX environments
Whitepaper identity management in Linux and UNIX environments EXECUTIVE SUMMARY In today s IT environments everything is growing, especially the number of users, systems, services, applications, and virtual
More informationThe Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency
logo The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency Understanding the Multiple Levels of Security Built Into the Panoptix Solution Published: October 2011
More informationHigh availability and disaster recovery with Microsoft, Citrix and HP
High availability and disaster recovery White Paper High availability and disaster recovery with Microsoft, Citrix and HP Using virtualization, automation and next-generation storage to improve business
More informationSecurity+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 10 Authentication and Account Management
Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 10 Authentication and Account Management Objectives Describe the three types of authentication credentials Explain what single sign-on
More informationDigitalPersona Pro Enterprise
DigitalPersona Pro Enterprise Version 5.3 Frequently Asked Questions 2012 DigitalPersona, Inc. All Rights Reserved. All intellectual property rights in the DigitalPersona software, firmware, hardware and
More informationCHOOSING THE RIGHT PORTABLE SECURITY DEVICE. A guideline to help your organization chose the Best Secure USB device
CHOOSING THE RIGHT PORTABLE SECURITY DEVICE A guideline to help your organization chose the Best Secure USB device Introduction USB devices are widely used and convenient because of their small size, huge
More informationMCTS Guide to Microsoft Windows 7. Chapter 7 Windows 7 Security Features
MCTS Guide to Microsoft Windows 7 Chapter 7 Windows 7 Security Features Objectives Describe Windows 7 Security Improvements Use the local security policy to secure Windows 7 Enable auditing to record security
More informationCompliance and Security Challenges with Remote Administration
Sponsored by Netop Compliance and Security Challenges with Remote Administration A SANS Whitepaper January 2011 Written by Dave Shackleford Compliance Control Points Encryption Access Roles and Privileges
More informationWindows Operating Systems. Basic Security
Windows Operating Systems Basic Security Objectives Explain Windows Operating System (OS) common configurations Recognize OS related threats Apply major steps in securing the OS Windows Operating System
More informationTrend Micro Cloud Security for Citrix CloudPlatform
Trend Micro Cloud Security for Citrix CloudPlatform Proven Security Solutions for Public, Private and Hybrid Clouds 2 Trend Micro Provides Security for Citrix CloudPlatform Organizations today are embracing
More informationAccelerating Microsoft Windows 7 migrations with Citrix XenApp
Citrix XenApp and Microsoft Windows 7 White Paper Accelerating Microsoft Windows 7 migrations with Citrix XenApp XenApp will accelerate your Windows 7 migration, save money and resources, minimize disruption
More informationSecured email Enterprise eprivacy Suite
EMAIL SECURITY SOLUTIONS TECHNOLOGY REPORT Secured email Enterprise eprivacy Suite JANUARY 2007 www.westcoastlabs.org 2 EMAIL SECURITY SOLUTIONS TECHNOLOGY REPORT CONTENTS Secured email Enterprise eprivacy
More informationCA SiteMinder SSO Agents for ERP Systems
PRODUCT SHEET: CA SITEMINDER SSO AGENTS FOR ERP SYSTEMS CA SiteMinder SSO Agents for ERP Systems CA SiteMinder SSO Agents for ERP Systems help organizations minimize sign-on requirements and increase security
More informationCybersecurity and Secure Authentication with SAP Single Sign-On
Solution in Detail SAP NetWeaver SAP Single Sign-On Cybersecurity and Secure Authentication with SAP Single Sign-On Table of Contents 3 Quick Facts 4 Remember One Password Only 6 Log In Once to Handle
More informationCitrix OpenCloud Access. Enabling seamless delivery of cloud-hosted applications. www.citrix.com
Citrix OpenCloud Access White Paper Citrix OpenCloud Access Enabling seamless delivery of cloud-hosted applications www.citrix.com Executive summary Consumerization, user mobility, geographic expansion
More informationComplying with PCI Data Security
Complying with PCI Data Security Solution BRIEF Retailers, financial institutions, data processors, and any other vendors that manage credit card holder data today must adhere to strict policies for ensuring
More informationCritical Issues with Lotus Notes and Domino 8.5 Password Authentication, Security and Management
Security Comparison Critical Issues with Lotus Notes and Domino 8.5 Password Authentication, Security and Management PistolStar, Inc. PO Box 1226 Amherst, NH 03031 USA Phone: 603.547.1200 Fax: 603.546.2309
More informationSPICE EduGuide EG0015 Security of Administrative Accounts
This SPICE EduGuide applies to HSC information systems, specifically Administrative login accounts; (aka Admin accounts) and the faculty, staff and students who use them. Admin accounts are logon IDs and
More information