Authentication Levels. White Paper April 23, 2014

Transcription

1 Summary White Paper April 23, 2014 This document describes levels of authentication that can be utilized for users known and unknown to gain access to applications and solutions. Summary... 1 Description... 2 Multi-step Authentication Options... 4 Layers of Security

2 Description From least secure to most, the levels of authentication can be described as: 1. Single factor authentication a) Requires the use of one factor, usually something the user knows b) Examples ñ Password ñ PIN 2. Multi-step authentication a) Requires a multi-step authentication process. The difference between multi-step and multi-factor is that multi-factors are all required simultaneously, and multi-step has steps which much be executed in consecutive order successfully. A multi-step authentication scheme which requires two physical keys, or two passwords, or two forms of biometric identification is not two-factor. b) Examples ñ Gmail: After providing the password you've memorized, you're required to also provide the one-time password displayed on your phone. While the phone may appear to be "something you have", from a security perspective it's still "something you know". This is because the key to the authentication isn't the device itself, but rather information stored on the device that could in theory be copied by an attacker. So, by copying both your memorized password and the OTP configuration, an attacker could successfully impersonate you. ñ Box: if you login to Box from a new device or computer, Box will text or you a verification code which then needs to be entered to access Box from that new device. 3. authentication a) Requires the use of two-factors from the list of: ñ Something you have (token, key, etc.) ñ Something you know (password, PIN) ñ Something you are (fingerprint, retina scan, etc.) b) is a subset of two-step, but not vice versa c) Examples ñ PKI systems that use password (something you know) to unlock keystore (something you have) containing public key/private key pair. 4. Multi-factor authentication a) Requires the use of three or more factors from the list of: ñ Something you have (token, key, etc.) 2

3 ñ Something you know (password, PIN) ñ Something you are (fingerprint, retina scan, etc.) b) Examples ñ Key card entry systems that require fingerprint or retina scan. Slide in your card (something you have), enter the pin code (something you know) and scan your fingerprint (something you are) 3

4 Multi-step Authentication Options There are several options for multi-step authentication, with varying levels of ease of use and security. Some examples: to known address and Text to known Cell Phone Description: after an attempt to register or authenticate, a verification link ( ) or code (cell phone) is sent to known contact information for the user. Pros: well-understood (in common usage by many consumer systems) Cons: highly dependent on validity of user record (i.e., cell phone and address must be accurate and proven); assumes only the user is using their address or cell phone. Known user registers unknown user Description: a known user (e.g., an employee) utilizes his relationship with an unknown user (i.e., known user vouches for the identity of the unknown user) and registers the unknown user. Pros: controlled registration environment (ease of implementation) Cons: requires physical presence of the known user with the unknown user; puts trust of identification with current known user (i.e. requires audit). Layers of Security Authentication is just one layer of security. A common methodology for classifying the different layers of security is presented below. Authentication Authentication identifies the user. As seen in the previous sections, different methods can provide varying levels of certainty in identifying the user. Within Enterprises, authentication can and should be tied to existing user repositories, such as Active Directory. Authorization Authorization provides an authenticated user with permission to certain resources. For example, certain users may be allowed by an Enterprise access to certain patient s data. Authorization is typically managed through a mapping table that the Enterprise keeps, and may be organizational (i.e., managers are allowed to see what their team members see). Encryption of Data at Rest Data stored on a PC, tablet, smart phone or other device can be encrypted depending on the type of data and the Enterprises policies. Encryption of the data 4

5 Media Sourcery solutions depend on user type (known/authenticated or unknown/anonymous). For known users: Data can be encrypted with user s receiver s public key after user clicks send The record store on the device is private The data is queue (in its encrypted state) if no data connection is found The data is removed from the queue after assured delivery For unknown users, the main difference in the encryption process is that data is encrypted with the server or organization s public key after the user clicks send Encryption of Data in Motion Data being transported can be encrypted at the transport level ( or secure VPN) and/or as an encrypted data parcel, using a two-factor PKI (Public Key Infrastructure) solution. Electronic Signatures An electronic signature, or esignature, is an electronic indication of intent to agree to, adopt or approve the contents of a document. These can be digital images of a signature, captured after signing with a finger, stylus or other instrument. The U.S. Federal ESIGN Act defines an electronic signature as an electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record. Digital Signatures Digital Signatures use a mathematical process, usually based on public key infrastructure (PKI) to ensure the authenticity of a digital message, digital document or other digital information. A digital signature is one form of electronic signature. Digital signatures ensure the authenticity of the signer and to trust that a signature is valid through the use of authentication, non-repudiation and usually a public and private key pair. Non- Repudiation Non-repudiation ensures that the sender of a certain piece of digital data cannot successfully challenge the validity that they sent that data. Media Sourcery s patented non-repudiation implements this utilizing several methods to ensure identity, integrity of the data, and audit trail. Tracking and audit trail All events in the data s security life cycle are tracked and logged. Easy to read audit trail reports can be produced from this data, or the log files can be integrated into an existing log file processing and reporting system. 5

6 Media Sourcery Solutions The following table shows how the previously described levels of authentication and security apply to Media Sourcery s current solutions. Solution Secure Workflow Secure data Messenger Secure forms Messenger Secure text Messenger Secure Replicator Authentication Authorization Encryption at Rest Single factor Enterprise ipad ios custom secure storage browser data not persisted Single or two factor Singe or two factor Two factor Group mapping N/A Group mapping Enterprise custom Known and unknown user model Device uses PKI to encrypt for receiver before send Known and unknown user model Device: Current device protection Future PKI Browser: data not persisted Known and Unknown (plug-in dependent) Encryption in Motion Parcel is encrypted as it transits, decrypted on receipt Parcel is encrypted as it transits, decrypted on receipt Digital Signatures N/A with esig Two factor 6

7 For More Information Contact us at: Media Sourcery, Inc