authshield - two factor authentication
DESCRIPTION
AUTHSHIELD LABS “Authentication Security at it’s best - PowerPoint PPT PresentationTRANSCRIPT
AUTHSHIELD™ – TWO FACTOR AUTHENTICATION
“The threats from within are increasing on a daily basis. 78% of all information security breaches happen internally”
UNIQUE CASE STUDIES
Database Queries - Workflow Management
Mail Solutions
SAP GUI and Net weaver
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
User enters User Name & Password
Request forwarded to AuthShield Frontend Plugin
Second factor Authentication validated from Authentication server
On validation user name and password request forwarded to Exchange
Priv
ate
and C
onfidentia
l - INN
EFU
LAB
S0
4/1
9/2
3AUTHSHIELD INTEGRATION WITH MAIL SERVER
User enters User Name and Password on Web
Portal
OWA checks for whether OTP Prompt has to be
shown or not
In case Yes, user is prompted for OTP else request is forwarded to
exchange
OTP is validated from AuthShield Server
Microsoft Exchange with Authentication Frontend Plugin
AuthShield Authentication Server
Active Directory
On OTP validation, original / corrupted request is
forwarded to exchange
1
2
3
4
SAP GUI INTEGRATION
2FA integration with SAP GUI
Request forward to AuthShield Frontend server
Second Factor of Authentication checked with Authentication Server
User Name and Password are authenticated as normal
Priv
ate
and C
onfidentia
l - INN
EFU
LAB
S0
4/1
9/2
3
SAP Servers
User enters User Name and Password in his client as normal. Request sent to
AuthShield frontend
Checks for OTP requirement from Authentication server. If yes it sends a notification to the handset / Desktop of
the user
On OTP validation, original / junk request is forwarded to
SAP servers
1
2
3
4
5
PROCESS FLOW
DATABASE QUERIES – WORKFLOW MANAGEMENT For specific users, when they fire a Database query –
A PUSH notification is generated and sent to the reporting manager
The notification contains details on – User making the request Details on the request
The query is only processed if the reporting manager approves the query
The same architecture can be replicated from Database to any other workflow
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
OTHER CASE STUDIES
Web Enabled Applications
Windows Logon with / without Domain
Critical Intranet Applications including Core Banking Solutions SSL VPN – Juniper / Citrix
Login to Remote Servers
Wireless Networks
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
WEB ENABLED APPLICATIONS (SOURCE CODE AVAILABLE)
Two Factor Authentication with – Web Enable Application (PHP Based) Inhouse built Finance Portal (Java Based)
Source Code available with the Client
Changes made to the Authentication Module of the client application – AuthShield login API’s integrated with the application
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
PROCESSUser Name, Pwd, OTP User Name, Pwd
True Authentication
True Authentication User Name, OTP
Access
INTERNET BANKING SOLUTION
Client wanted Two Factor Authentication with – Reset Password Options
Source Code available with the Client
Changes made to the Authentication Module of the client application – Innefu’s 2FA API’s were integrated with the application Users were provided One Time Password via SMS any
time a user needs to reset his password
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
PROCESSUser Name, Pwd, OTP User Name, Pwd
True Authentication
True Authentication User Name, OTP
Access
WINDOWS 7, XP WITH MS AD 2008
Client wanted Two Factor Authentication with – Windows XP with MS Active Directory 2003 Windows Vista with MS Active Directory 2003
Changes made to the Login dll of Windows
Innefu’s server module was installed on Active Directory
Seamless integration done with Active Directory
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
PROCESS
User Name, Pwd
Active Directory
AuthShield Server
True Authentication
True Authentication
User Name, OTP
INTEGRATION WITH VPN
Client wanted Two Factor Authentication with – SSL VPN
Authentication in VPN was done via RADIUS server
AuthShield’s server inbuilt RADIUS server was used to authenticate the user
All requests forwarded to the IAS server which authenticates the request
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
PROCESS
User Name, Pwd
Active Directory
AuthShield Server
True Authentication
True Authentication
User Name, OTP
WHAT WE OFFER
S.no Features AuthShield Others
1 One Touch Authentication
2 PKI Token using smart Phones
3 Reusable response based on IP and time duration
4 Indigenous Tokens thereby offering co-branding opportunities and instant turnaround time
5 Customization as per client’s requirements
6 Superior support at cheaper costs
7 Unparalleled experience of working with large Government and corporate clients
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
THANK YOUQUESTIONS WELCOME
INNEFU LABS PVT. LTD
www.innefu.com
+91-11-47065864 / 66
[email protected], [email protected]
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S