Scribd Logo
Загрузить

Добро пожаловать в Scribd!

  • AuthShield - Two Factor Authentication

    Загружено:

    AuthShield Lab
    105 просмотров23 страницы
    Authshield offers the user SMS Token or Voice Token as a form of authentication where a SMS with the One Time password is sent to the user or a call made to his handset where a user just presses a button on their keypad to authenticate.

    Авторское право

    © © All Rights Reserved

    Доступные форматы

    PDF, TXT или читайте онлайн в Scribd

    Этот документ был вам полезен?

    Это неприемлемый материал?

    Пожаловаться на этот документ
    Authshield offers the user SMS Token or Voice Token as a form of authentication where a SMS with the One Time password is sent to the user or a call made to his handset where a user just presses a button on their keypad to authenticate.

    Авторское право:

    © All Rights Reserved
    Скачайте в формате PDF, TXT или читайте онлайн в Scribd
    Отметить как неприемлемый контент
    105 просмотров23 страницы

    AuthShield - Two Factor Authentication

    Загружено:

    AuthShield Lab
    Authshield offers the user SMS Token or Voice Token as a form of authentication where a SMS with the One Time password is sent to the user or a call made to his handset where a user just presses a button on their keypad to authenticate.

    Авторское право:

    © All Rights Reserved
    Скачайте в формате PDF, TXT или читайте онлайн в Scribd
    Отметить как неприемлемый контент
    из 23

    AUTHSHIELD TWO

    FACTOR AUTHENTICATION
    The threats from within are increasing on a daily basis.
    78% of all information security breaches happen
    internally

    CASE STUDIES
    Information Security at its best

    UNIQUE CASE STUDIES

    Database Queries - Workflow


    Management

    SAP GUI and Net weaver

    Private and Confidential -INNEFU LABS

    Mail Solutions

    AUTHSHIELD INTEGRATION WITH


    MAIL SERVER

    Request forwarded to AuthShield Frontend


    Plugin
    Second factor Authentication validated from
    Authentication server

    On validation user name and password request


    forwarded to Exchange

    Private and Confidential - INNEFU LABS

    User enters User Name & Password

    2/27/2015

    User enters User Name


    and Password on Web
    Portal

    OWA checks for whether


    OTP Prompt has to be
    shown or not

    In case Yes, user is


    prompted for OTP else
    request is forwarded to
    exchange
    OTP is validated from
    AuthShield Server

    Microsoft Exchange with


    Authentication Frontend Plugin

    2
    4

    On OTP validation,
    original / corrupted
    request is forwarded to
    exchange

    AuthShield Authentication Server

    3
    Active Directory

    SAP GUI INTEGRATION

    Request forward to AuthShield Frontend server

    Second Factor of Authentication checked with


    Authentication Server
    User Name and Password are authenticated as
    normal

    Private and Confidential - INNEFU LABS

    2FA integration with SAP GUI

    2/27/2015

    PROCESS FLOW
    User enters User Name and
    Password in his client as
    normal. Request sent to
    AuthShield frontend

    Checks for OTP requirement


    from Authentication server.
    If yes it sends a notification
    to the handset / Desktop of
    the user

    On OTP validation,
    original / junk request is
    forwarded to SAP servers

    4
    SAP Servers

    2
    3

    DATABASE QUERIES WORKFLOW


    MANAGEMENT

    For specific users, when they fire a Database query


    A PUSH notification is generated and sent to the
    reporting manager

    The notification contains details on


    User making the request
    Details on the request

    The query is only processed if the reporting manager


    approves the query
    The same architecture can be replicated from
    Database to any other workflow

    Private and Confidential -INNEFU LABS

    OTHER CASE STUDIES

    Windows Logon with /


    without Domain

    Critical Intranet Applications including


    Core Banking Solutions

    Login to Remote
    Servers

    SSL VPN Juniper / Citrix

    Wireless Networks

    Private and Confidential -INNEFU LABS

    Web Enabled Applications

    WEB ENABLED APPLICATIONS (SOURCE CODE


    AVAILABLE)

    Two Factor Authentication with

    Source Code available with the Client


    Changes made to the Authentication Module of the
    client application

    AuthShield login APIs integrated with the application

    Private and Confidential -INNEFU LABS

    Web Enable Application (PHP Based)


    Inhouse built Finance Portal (Java Based)

    Private and Confidential -INNEFU LABS

    PROCESS
    User Name, Pwd, OTP

    True Authentication

    True Authentication

    User Name, OTP

    Private and Confidential -INNEFU LABS

    Access

    User Name, Pwd

    INTERNET BANKING SOLUTION

    Client wanted Two Factor Authentication with

    Source Code available with the Client

    Changes made to the Authentication Module of the


    client application

    Innefus 2FA APIs were integrated with the application


    Users were provided One Time Password via SMS any
    time a user needs to reset his password

    Private and Confidential -INNEFU LABS

    Reset Password Options

    PROCESS
    User Name, Pwd, OTP

    True Authentication

    True Authentication

    User Name, OTP

    Private and Confidential -INNEFU LABS

    Access

    User Name, Pwd

    WINDOWS 7, XP WITH MS AD 2008

    Client wanted Two Factor Authentication with


    Windows XP with MS Active Directory 2003
    Windows Vista with MS Active Directory 2003

    Changes made to the Login dll of Windows


    Innefus server module was installed on Active
    Directory
    Seamless integration done with Active Directory

    Private and Confidential -INNEFU LABS

    PROCESS
    User Name, Pwd

    Active Directory
    True Authentication

    User Name, OTP

    AuthShield Server

    Private and Confidential -INNEFU LABS

    True Authentication

    INTEGRATION WITH VPN

    Client wanted Two Factor Authentication with

    Authentication in VPN was done via RADIUS server


    AuthShields server inbuilt RADIUS server was used
    to authenticate the user
    All requests forwarded to the IAS server which
    authenticates the request

    Private and Confidential -INNEFU LABS

    SSL VPN

    PROCESS
    User Name, Pwd

    Active Directory
    True Authentication

    User Name, OTP

    AuthShield Server

    Private and Confidential -INNEFU LABS

    True Authentication

    WHAT WE OFFER
    Features

    One Touch Authentication

    PKI Token using smart Phones

    Reusable response based on IP and


    time duration

    Indigenous Tokens thereby offering cobranding opportunities and instant


    turnaround time

    Customization as per clients


    requirements

    Superior support at cheaper costs

    Unparalleled experience of working


    with large Government and corporate
    clients

    AuthShield

    Others

    Private and Confidential -INNEFU LABS

    S.no

    PREVENT IDENTITY THEFT!!

    Private and Confidential -INNEFU LABS

    COUNT ON

    QUESTIONS WELCOME
    INNEFU LABS PVT. LTD
    www.innefu.com
    +91-11-47065864 / 66

    contact@innefu.com, info@innefu.com

    Private and Confidential -INNEFU LABS

    THANK YOU

    Вам также может понравиться