Скачать презентацию Corporate Presentation TWO FACTOR AUTHENTICATION 2005 -07 Скачать презентацию Corporate Presentation TWO FACTOR AUTHENTICATION 2005 -07

f13d19cbfd5f4084636daa75bc94932c.ppt

  • Количество слайдов: 19

Corporate Presentation TWO FACTOR AUTHENTICATION © 2005 -07 Neo. Accel, Inc. Corporate Presentation TWO FACTOR AUTHENTICATION © 2005 -07 Neo. Accel, Inc.

What is Authentication? • Authentication is the process of identifying a user. • Authentication What is Authentication? • Authentication is the process of identifying a user. • Authentication is the process of establishing whether or not a real-world subject is who or what its identifier says it is. • The verification of the identity of a person or process. © 2005 -07 Neo. Accel, Inc. 3/15/2018

Uneasiness of using strong password • Long & Complex Passwords • Limited duration for Uneasiness of using strong password • Long & Complex Passwords • Limited duration for password validity • Continuous password change & resets • password generation © 2005 -07 Neo. Accel, Inc. 3/15/2018

To the rescue What’s The Solution? . . TWO FACTOR AUTHENTICATION © 2005 -07 To the rescue What’s The Solution? . . TWO FACTOR AUTHENTICATION © 2005 -07 Neo. Accel, Inc. 3/15/2018

Two Factor Authentication Two-Factor Authentication: What is it? . . . Something you know… Two Factor Authentication Two-Factor Authentication: What is it? . . . Something you know… + Something you have. . . OR Something you are… © 2005 -07 Neo. Accel, Inc. 3/15/2018

Something You Know “Something You Know……. ” • User Id & Password • PIN Something You Know “Something You Know……. ” • User Id & Password • PIN (Personal Identification Number) • Account Number • Certificates © 2005 -07 Neo. Accel, Inc. 3/15/2018

Something You Have “Something You Have…. ” A physical element (Token) which is in Something You Have “Something You Have…. ” A physical element (Token) which is in the sole possession of the valid owner, and of which only one physical copy exists. USB Tokens Smart Cards OTP Token © 2005 -07 Neo. Accel, Inc. 3/15/2018 Multi-Function Devices

Something You Are “Something You Are…. ” Biometrics Retinal Scan Voice Recognition Finger Print Something You Are “Something You Are…. ” Biometrics Retinal Scan Voice Recognition Finger Print Recognition © 2005 -07 Neo. Accel, Inc. 3/15/2018

Why Two Factor is Strong • Identity theft prevention • Prevention from phishing & Why Two Factor is Strong • Identity theft prevention • Prevention from phishing & replay attacks • Loss of one of the factors does not compromise security • Lost token’s or certificates can be revoked © 2005 -07 Neo. Accel, Inc. 3/15/2018

Two Factor Authentication Two Factor authentication in Neo. Accel SSL VPN-Plus • RSA Secure Two Factor Authentication Two Factor authentication in Neo. Accel SSL VPN-Plus • RSA Secure ID • Hardware One Time Password (OTP) Tokens • Software based OTP Tokens • SSL Client Certificate on Tokens © 2005 -07 Neo. Accel, Inc.

RSA Secure ID • Admin activates RSA Token for each user and provides to RSA Secure ID • Admin activates RSA Token for each user and provides to the user • User provides username and One Time Password code generated by RSA token to login into SSL VPN-Plus • SSL VPN-Plus Gateway talks to RSA Secure ID RADIUS Server to authenticate the user • If required RSA Server can ask for Next PIN or Change PIN © 2005 -07 Neo. Accel, Inc.

RSA Secure ID User Interface SSL VPN-Plus Web Access Terminal Secure Simplified Access No RSA Secure ID User Interface SSL VPN-Plus Web Access Terminal Secure Simplified Access No client software required © 2005 -07 Neo. Accel, Inc.

Hardware OTP Tokens • Cheap alternative to RSA Secure ID solution • Admin activates Hardware OTP Tokens • Cheap alternative to RSA Secure ID solution • Admin activates OTP Token for each user and provides to the user • User provides username and One Time Password code generated by token to login into SSL VPN-Plus • SSL VPN-Plus Gateway talks to OTP Token Server to authenticate the user © 2005 -07 Neo. Accel, Inc.

Hardware OTP Tokens…contd • Any third party OTP Hardware Token that provides RADIUS or Hardware OTP Tokens…contd • Any third party OTP Hardware Token that provides RADIUS or AD interface is supported by SSL VPN-Plus • Tested with Aladdin, Secure Computing, Vasco tokens © 2005 -07 Neo. Accel, Inc.

Software based OTP Tokens • Cheapest OTP Solution • OTP is generated by software Software based OTP Tokens • Cheapest OTP Solution • OTP is generated by software agent running on PC, mobile, PDA, palmtop, etc. • User need to carry extra device • Admin provides PIN and software to user to install on the device used by User © 2005 -07 Neo. Accel, Inc.

Software based OTP Tokens…contd • Any third party Software Token is supported if the Software based OTP Tokens…contd • Any third party Software Token is supported if the server module provides RADIUS or AD interface • SSL VPN-Plus has been tested with Wikid Software Token solution (User need to carry extra device) © 2005 -07 Neo. Accel, Inc.

SSL Client Certificate • Authenticate users based on the SSL Client Certificate produced by SSL Client Certificate • Authenticate users based on the SSL Client Certificate produced by user at the time of login • Admin creates SSL Client certificates for users and provide to users via email or place it on hardware tokens • User provides SSL Certificate at the time of login when asked by Gateway • Gateway uses CA cert specified by Admin to verify the validity of Client Certificate © 2005 -07 Neo. Accel, Inc.

SSL Client Certificate…contd • Easy to deploy and manage • Based on proven most SSL Client Certificate…contd • Easy to deploy and manage • Based on proven most secure PKI technology • Client Certificate can be installed on user’s PC or a USB token that can be easily carried by user • Client Certificate can be easily revoked if device carrying the certificate is lost © 2005 -07 Neo. Accel, Inc.

The End Neo. Accel, NAM-Plus, SSL VPN-Plus, Intelligent Connection Acceleration Architecture, ICAA, TSSL, and The End Neo. Accel, NAM-Plus, SSL VPN-Plus, Intelligent Connection Acceleration Architecture, ICAA, TSSL, and Secure Everything are trademarks of Neo. Accel, Inc. All other names are or may be trademarks of their respective owners. © 2005 -07 Neo. Accel, Inc.