Smart Card Two Factor Authentication



Similar documents
DeltaV v11 and v12.3 Supported Computers

DeltaV Workstation Operating System Licensing Implications with Backup and Recovery

The Personal Computer for DeltaV Wokstations

Windows Operating System Upgrade Kits

Base Station. Base Station. Introduction. DeltaV Product Data Sheet. Adaptable work environment. Scalable to suit your needs. Dedicated functional use

Plant Messenger Alert Reporting Service

Plantwide Event Historian

OPC Data Access Server Redundancy

Backup and Recovery. Backup and Recovery. Introduction. DeltaV Product Data Sheet. Best-in-class offering. Easy-to-use Backup and Recovery solution

DeltaV Executive Portal

Professional Station Software Suite

DeltaV Web Server. DeltaV Web Server. Introduction. DeltaV Product Data Sheet. Gives you a secure view of your process from your desktop PC

Microsoft Windows Server 2003 Integration Guide

Backup and Recovery. Backup and Recovery. Introduction. DeltaV Product Data Sheet. Best-in-class offering. Easy-to-use Backup and Recovery solution

Backup and Recovery FAQs

DeltaV System Software Update Deployment

XLReporter for DeltaV Analyze

DeltaV Event Chronicle

DeltaV Operator Keyboard

Windows XP Exchange Client Installation Instructions

How To Use The Deltav System With A Large Data File System

Batch Historian. Introduction. Benefits. Configuration-free, batch-based data collection. Reliable data retrieval through data buffering

Application Station Software Suite

DeltaV Virtual Studio

DeltaV Remote Client. DeltaV Remote Client. Introduction. DeltaV Product Data Sheet. Remote engineering and operator consoles

Maintenance Station Software Suite

ProfessionalPLUS Station Software Suite

How To Access Historical Data From The Deltav Oca History Server On A Pc Hda (Opc Hda) On A Microsoft Computer (Opca) Or Microsoft Microsoft Memory Card (Procedure) On An Ipc

OPC Mirror. OPC Mirror. Introduction. Product Data Sheet. Bi-directional data flow. Easy configuration. Fast data transfer. OPC Data Access compliant

DeltaV Network Time Synchronization

DeltaV Event Chronicle

VERITAS Backup Exec 9.1 for Windows Servers Quick Installation Guide

Backup and Recovery. Introduction. Benefits. Best-in-class offering. Easy-to-use Backup and Recovery solution.

DigitalPersona Pro Enterprise

4cast Server Specification and Installation

Process Miner (PM) Introduction. Search cross-lot data by product code, order numbers, and data parameters

Operator Station Software Suite

WHITE PAPER. Smart Card Authentication for J2EE Applications Using Vintela SSO for Java (VSJ)

VeriSign PKI Client Government Edition v 1.5. VeriSign PKI Client Government. VeriSign PKI Client VeriSign, Inc. Government.

Emerson Smart Firewall

Defender Token Deployment System Quick Start Guide

NTP Software File Auditor for Windows Edition

VERITAS Backup Exec TM 10.0 for Windows Servers

Batch Analytics. Predicts end-of-batch quality. Detects process faults and provides reason for deviation so operations can take action in real time

Automated Patch Management Service

USER GUIDE WWPass Security for Windows Logon

Local Patch Management Update Service

DeltaV Virtualization High Availability and Disaster Recovery

Quick Start Guide for VMware and Windows 7

HOTPin Integration Guide: DirectAccess

M-series MD Plus Controller

Remote Access Password Tips

Desktop Web Access Single Sign-On Configuration Guide

DeltaV OPC.NET Server

Quick Instructions Installing on a VPS (Virtual Private Server)

Registered Trademarks and Proprietary Names

Nexio Connectus with Nexio G-Scribe

Check Point FDE integration with Digipass Key devices

Yale Software Library

Registered Trademarks and Proprietary Names

Quick Install Guide - Safe AutoLogon For First-time Users - Installing and Running the Software. Published: February 2013 Software version: 5.

External Authentication with Windows 2003 Server with Routing and Remote Access service Authenticating Users Using SecurAccess Server by SecurEnvoy

Strong Authentication for Microsoft SharePoint

Strong Authentication for Microsoft TS Web / RD Web

OpenEnterprise Terminal Services Reference Guide (V2.83)

DeltaV System Cyber-Security

User Guide Remote PIV to VDI Using a PIV Card

Chapter 1, OneSign Authentication Methods Chapter 2, Two-Factor Authentication in OneSign Chapter 3, Emergency Access Privileges

Two Factor Authentication in SonicOS

Reporting works by connecting reporting tools directly to the database and retrieving stored information from the database.

Accessing the Media General SSL VPN


Cloud Services ADM. Agent Deployment Guide

Entrust Managed Services PKI

Datacolor TOOLS. Datacolor TOOLS QCX. Datacolor TOOLS WORKSTATION

CRYPTOLogon Agent. for Windows Domain Logon Authentication. Deployment Guide. Copyright , CRYPTOCard Corporation, All Rights Reserved.

DeltaV Logbooks. Benefits. Introduction. Minimize shift handover risk. Electronically document events, observations, and notes.

How To Integrate Watchguard Xtm With Secur Access With Watchguard And Safepower 2Factor Authentication On A Watchguard 2T (V2) On A 2Tv 2Tm (V1.2) With A 2F

ProfessionalPLUS Station Software Suite

DeltaV System Health Monitoring Networking and Security

5 Day Imprivata Certification Course Agenda

Quick Start Guide for Parallels Virtuozzo

NTP Software File Reporter Analysis Server

Data Collection Agent for Active Directory

Remote Terminal Service (RTS) User Guide (Version 2.1)

Citrix Access Gateway Plug-in for Windows User Guide

DeltaV Virtual Studio

RSA Authentication Manager 7.1 Basic Exercises

System Administration Training Guide. S100 Installation and Site Management

SalesForce SSO with Active Directory Federated Services (ADFS) v2.0 Authenticating Users Using SecurAccess Server by SecurEnvoy

External Authentication with Citrix Access Gateway Advanced Edition

File Auditor for NAS, Net App Edition

Endpoint Security for DeltaV Systems

Two-factor authentication Free portable encryption for USB drive Hardware disk encryption Face recognition logon

Defender EAP Agent Installation and Configuration Guide

Securing Administrator Access to Internal Windows Servers

Endpoint Security VPN for Windows 32-bit/64-bit

BlackShield ID Agent for Terminal Services Web and Remote Desktop Web

Application Note. ShoreTel 9: Active Directory Integration. Integration checklist. AN June 2009

Transcription:

January 2013 Page 1 Smart Card Two Factor Authentication The combination of a smart card and PIN provides Two-Factor Authentication, where two items are needed: something physical the user has (a smart card) and something the user knows (a PIN). Since something physical and something non-physical are both required, the result is a much more secure means of authenticating users. www.deltav.com

January 2013 Page 2 Table of Contents Introduction... 3 DeltaV Logon Smart Card Optional... 3 DeltaV FlexLock and DeltaV Logon Smart Card Required... 4 Windows Remote Desktop Settings... 5 Microsoft Smart Card Enrollment... 6 Summary... 7 System Requirements... 7 Support... 7

January 2013 Page 3 Introduction The combination of a smart card and a PIN provides Two-Factor Authentication, where two items are needed: something physical the user has (a smart card) and something the user knows (a PIN). Since something physical and something non-physical are both required, the result is a much more secure means of authenticating users. Logins based on usernames and passwords are not as secure as Two-Factor Authentication since usernames are easily determined they are essentially single-factor authentication (i.e. something you know the password or personal identification number (PIN). To make the system more secure, a physical entity is added to the login requirement a smart card. A smart card is a badge-like device that stores user credentials. These credentials can include name, Microsoft Windows certificates, and card lifetime. DeltaV Logon Smart Card Optional The DeltaV logon dialog has been modified to allow the user to check the Use Smart Card Logon checkbox, which removes the user name entry and directs the user to insert a smart card and enter a PIN. (See Figure 1.) Figure 1 DeltaV Logon Smart Card Optional

January 2013 Page 4 DeltaV FlexLock and DeltaV Logon Smart Card Required FlexLock has a new menu option that DeltaV administrators and Windows administrators have the privilege to select that requires users to use a Smart Card and PIN rather than a user name and password. When the Smart Card Required option is selected, the DeltaV logon dialog changes to prompt the user to insert a smart card and enter a PIN. This setting is set for each workstation and is preserved during DeltaV upgrades. (See Figures 2 and 3.) Figure 2 DeltaV FlexLock Smart Card Required Figure 3 DeltaV Logon Smart Card Required

January 2013 Page 5 Windows Remote Desktop Settings Smart Card credentials can be transferred through the Windows Remote Desktop application. If you are using Smart Cards as a means of ensuring physical presence at a specific workstation, then the workstation settings must be changed to not allow users to remotely connect to the workstation being configured for local-only access. The System Properties dialog can be found on the control panel of the workstation. Figure 4 XP Remote Desktop Settings

January 2013 Page 6 Microsoft Smart Card Enrollment Smart Card Two-Factor Authentication will work with any hardware compatible with the Microsoft Crypto API Interface. System administrators must run the utilities supplied with the card reader to set up the cards for each user. They must also use the required Microsoft Certificate Authority Server application to enroll users certificates and embed them on the users cards. (See Figure 5.) Figure 5 Certificate Enrollment

January 2013 Page 7 Summary This security enhancement is supported in DeltaV version 9.3 software and later. Two options will be available: card allowed and card required. The setting will be stored in the workstation s registry and will persist through future upgrades of the DeltaV software. The Smart Card readers must be compatible with Microsoft Windows XP. The DeltaV system has been fully tested with Athena smart card readers. The DeltaV system uses the utilities supplied with the card reader. Smart Card authentication replaces the DeltaV logon at the operator workstation level. System Requirements The system requirements to deploy smart card Two-Factor Authentication are: Windows 2003 Active Directory installation in the DeltaV software A Windows 2003 Server with Certificate Authority deployed Windows XP-compatible Smart Card readers installed on DeltaV workstations requiring Two-Factor Authentication Support Smart Card Two-Factor Authentication works only for Smart Card solutions and not biometric devices (e.g. fingerprint readers). Any Smart Card readers that are compatible with Microsoft Windows XP are supported.

January 2013 Page 8 This page intentionally left blank. To locate a sales office near you, visit our website at: www.emersonprocess.com/deltav Or call us at: Asia Pacific: 65.6777.8211 Europe, Middle East: 41.41.768.6111 North America, Latin America: +1 800.833.8314 or +1 512.832.3774 Emerson Process Management 2013. All rights reserved. For Emerson Process Management trademarks and service marks, go to: http://www.emersonprocess.com/home/news/resources/marks.pdf. The contents of this publication are presented for informational purposes only, and while every effort has been made to ensure their accuracy, they are not to be construed as warrantees or guarantees, express or implied, regarding the products or services described herein or their use or applicability. All sales are governed by our terms and conditions, which are available on request. We reserve the right to modify or improve the design or specification of such products at any time without notice. www.deltav.com

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information