| |
|
|
Our
team is proud to present Strong Authentication Hardware Version, a new
application created to increase at highest level the security of users
authentication and web-based transactions.
It deals with “two factors”
authentication system-a thing that i know and a thing that i have- wich
combines, therefore a logical (mnemonic) factor, the user-password couple, to a
physical factor that is possessed, in our case, one particular key to insert in
the USB port of the computer (token), that completes the recognition process of
users.
|
There are already exists other “two
factors” authentication systems of users, especially those used by credit
institutes, always interested in the saftyness of the net and therefore to
search vanguard solutions; our system has a few peculiar characteristics such
as:
Flexibility: our
technicians worked hard to create a complex and complete system, easy to
integrate with already existing applications for wich you desire to take advantage
of the potentiality of strong authentication.
Security: the
key not only allows to authenticate users but can create protected sessions
between user and server, encrypting the content with the Blowfish 256 bit
algorithm, and gives the possibility to each user of choosing to encrypt the
login process or the entire transaction, wich means protection even in the
absence of SSL protocole on server.
Programming language: it has been chosen a combination
between PHP and JAVA languages; further to be a novelty for this particular
hardware key, it is surely an optimized choice due to the well known power,
speed and versatility characteristics of this server-side programming language.
User’s investment: our high level software allows an
low cost investment for the aquisition of the licence and the keys.
Support: we
are delivering the software “ready to use”, taking care of the whole
installation procedure on the server (including software, operational
components, codification and personalization of the keys, integration of the
software with the application to protect-html pages, data-base, e-commerce etc)
and naturally instructing the stuff for maintenance operations and use. We
already own our servers set up and ready to reccors and insert user’s own
sites.
“Self made” site: if the user doesn’t own a site to
insert and if there are not particular demands, we are furnishing an default
CMS, content management system, wich allows trough a simple and intuitive
graphic web interface to create all the pages of the site-forms, links, image
insertion included- without requiering the knowledge of any programming
language. The system generates automatically the necessary codes to protect
relative pages.
The
versatility of this software can be explioted from other point of view also:
convenience and simplicity of use for the final user. In fact, eliminating the
first login factor (mnemonic user-password) can be created an rapid, secure and
encrypted identification system, simply inserting the key in the USB device,
without any other authentication operation, permitting, that way, controlled
access to restrected areas of the site.
Therefore, the possibilities of use are becoming really notable, privileging
always the safety factor:
- Management of web-based
database of clients, suppliers, etc, for distributed competence centers;
- Management of online sales
and automation for the marketing agents
- Management of online sales
of magazine subscriptions, e-learning services
- Software House: support and
online updating
- Access to the restricted top
management informations
-
Home banking and remote banking
- Associations: safe and easy
communications amoung members
- Franchising chains
- User identification for
Virtual Private Network (VPN)
- Sales of services over internet
- Remote management of sales networks
- Management of customer
services over the internet
- Controlled distribution of
information over internet/intranet
- Sales of software and
information services over internet
- Management of data bases
over internet for companies, public institutes
The advantages are evident from any point of view (two factors or only
USB key). In fact, in case of highly confidential services or/and protected
information, using the “two factor” and the encryption of the token, doubled by
an http SSL protocole, making all the procedure and communication adequately
“armored”.
If using SSL protocole is not possible, the token will encrypt the whole
server-client transaction.
For non-confidential informations can be used only the key
authentication, extremely comfortable and user-friendly for the final user but
safe in a mean time (transmission of login parameters is Blowfish 256bit
encrypted).
Besides, the site administrator will be easily able to check and prevent
any user’s access, specially those who lost the right to use the service,
disabling their keys, while the traditional login-password system can be
accessed with a friends password...
|
