kobil midentity basic · a possible deployment scenario of kobil midentity basic could look like...

4
KOBIL mIDentity Basic SSL-VPN – Highly Secure Connectivity Anywhere on Earth

Upload: leque

Post on 25-Apr-2018

224 views

Category:

Documents


0 download

TRANSCRIPT

KOBIL mIDentity BasicSSL-VPN – Highly Secure Connectivity Anywhere on Earth

KOBIL mIDentity – Integration through SSL-VPNHighly Secure Connectivity Anywhere on Earth

High Mobility and Security at the Same Time

Here is how KOBIL faced the challenge: KOBIL mIDentity Basic is a patented product – the only one of its kind in the world – that offers unrestricted highly secure mobility to its users. KOBIL mIDentity Basic enables users to access and use SSL-VPNs in a high security mode – and this without requiring administ-rator rights. In the process, the digital identity of the user remains safely stored on the on-board Smart Card. It is just as safely protected there as by a conventional Smart Card. The dif-ferences being that the KOBIL mIDentity Basic Smart Card has a vastly enlarged memory.By contrast, the use of classic SSL-VPNs pre-re-quires a variety of confi gurations and instal-lations on the client PC that severely limit the user mobility and pose a potential security ha-zard too. KOBIL mIDentity Basic, on the other hand, ensures unrestricted mobility through the option to save applications such as Mozilla

Firefox tamper-proof on mIDentity Basic.Thus, any user is at liberty to use any inter-net-enabled PC worldwide for secure access via a given SSL-VPN, e. g., to access sensitive corporate data.

VPN Is Not the Same as Open House

No doubt, the internet represents an ideal, becau-se universal, infrastructure for networking your branches, mobile workforce and business partners. However, the World Wide Web is also an open, heterogeneous, and therefore unsafe, network. A user can never be sure if the data transmitted are not being eavesdropped, manipulated or even sabotaged. An SSL-VPN (Virtual Private Network) helps users to exchange critical business data fl exibly and at low cost among different locations, and to make them available for remote access. For an SSL-VPN, unique user authentication is therefore one of the prerequisites for the security of sensiti-ve data (in addition to the SSL encryption). Conven-tional authentication methods via user name and static password, however, do not provide adequate security in this context.

2

Security-sensitive data thus remain on the mIDentity, and never even enter the hard disk of the client PC.

KOBIL mIDentity – Integration through SSL-VPNHighly Secure Connectivity Anywhere on Earth

KOBIL mIDentity Basic comes with a pre-in-stalled Mozilla Firefox Image. It contains eve-rything that a safe SSL-VPN client requires. A possible deployment scenario of KOBIL mIDentity Basic could look like this: After plug-ging it in, KOBIL mIDentity will automatically start the Firefox browser.The latter then sets up the connection to the requested gateway via the internet. In the next step, the user authenticates him- or her-self at the gateway. To this end, the user enters the correct Smart Card PIN, thus performing a high secure, certifi cate-based authentication. Once the certifi cate has been verifi ed by the gateway, a secure SSL-VPN will be set up. Once it is up and running, the user has high security data access.

Innovative Technology That Pays Off

KOBIL mIDentity Basic helps users to access their data anywhere in the world by using SSL-VPN. Since it requires no installation, KOBIL mIDentity Basic provides users with all the mobility and fl exibility they need when using more than just one client PC – and this without compromising their security in any way. At the same time, it cuts support costs. Because the administrator predefi nes the entire confi guration as a read-only image – and thereby excludes the very possibility of retroactive misconfi guration or manipulati-on by a user. The smooth integration of KOBIL technologies provides you with a product that will integrate into any existing IT infrastruc-ture. Even conventional VPN solutions can be secured in this way once the basic mIDentity software has been installed.

Technical Details

Platforms> Windows 2000

SP 3 or higher> Windows XP,

SP 1 or higher> Windows 2003 Server

Standards> Microsoft Crypto API*> PKCS#11> PC/SC (CCID)*> X .509 v3 certifi cates> SSL v3> S/MIME*

Cryptographic Processes> RSA 2048 bit> 3DES 168 bit

Simple Sign-On> Dialog boxes**> Web forms**

Interface> USB 2.0 High Speed> USB 1.1 High Speed

Dimensions74mm x 22mm x 12mm(L x W x H)

Weight> 13.5 g

Available SizesS, M, L, XL, XXL (64, 128,256, 512, 1024 MB)

* Requires installation ofbasic software** Only in combination with Classic update

3

Highly Secure Connectivity Anywhere on Earth

DATEVDATEV is Germany’s largest cooperative society of tax consultants, chartered accountants and attorneys. Simple, safe and mobile - DATEV uses mIDentity as secure data memory, as medium for corporate applications and licences, and as digital identity for the authentication of tax consultants and attorneys.

DG-VERLAGDG-Verlag is Germany’s largest service provider for Volksbanken andRaiffeisenbanken S&Ls, material and service cooperative societies, as well as integrated institutes. DG-Verlag uses the KOBIL product mIDentity for the innovative HBCI solution “Go Networld“ for mobile and secure home banking, which was honoured with the Innovation Award 2004 at the ISSE trade fair.

KOBIL mIDentity – References

4