SlideShare uma empresa Scribd logo

2fa technicalsynopsis-webapplication-120505074214-phpapp01

Hai Nguyen
Hai Nguyen
TecnologiaNegócios
1 de 4
Baixar para ler offline
Two-Factor Authentication Solution for Web based Applications A r r a y S h i e l d | i n f o @ a r r a y s h i e l d . c o m Page 1 Two-Factor Authentication Solution for Web based Applications Solution ArrayShield innovative two factor authentication system – IDAS provides a simple secure access to web applications. By using its innovative pattern based authentication it provides One-Time- Secret-Code for every login transaction without using any smart hardware. In IDAS every user is shown with a matrix on the login screen which is populated with random characters for every transaction. User has to choose a pattern which is a sequence of cells in the matrix and should register the same with the system prior accessing the ArrayShield IDAS Two-Factor solution. A translucent card is provided to each user which has a similar structured matrix with transparent and opaque cells and some random characters imprinted on the opaque cells. Each card is unique in terms of the position of the opaque cells and the characters imprinted on them. At the time of accessing the web application, user is shown with the randomly populated matrix as a challenge. The user overlaps the translucent card on the shown matrix and will key in the characters present in the chosen pattern in the same order. These characters form the One- Time-Secret-Code for the user for that transaction. The ArrayShield IDAS server verifies the user credentials by comparing user’s registered pattern and the pattern values entered by the user. Access is given to the user if the user credentials are valid. Problem with exposing Web applications on the Internet Web based applications are the ultimate way to take advantage of today’s technology to enhance the organizations productivity & efficiency. As they provide the opportunity to access the business information from anywhere in the world saving time and money and improve the interactivity. As these web applications are hosted in the internet for easy access for every one there are huge number of attacks possible on these applications. Statistics show that most of the attacks target to steal the legitimate user’s credentials and user them to gain access to the sensitive information protected by simple username and password. A strong need for two factor authentication is necessary for access to these web applications which should protect against the attacks like key loggers, phishing, etc.
Two-Factor Authentication Solution for Web based Applications A r r a y S h i e l d | i n f o @ a r r a y s h i e l d . c o m Page 2 Integration Flow The following diagram shows how a web application can be integrated with ArrayShield IDAS to use its two factor authentication for secure access. Figure: Integration Flow diagram for the Web application authentication with ArrayShield IDAS
Two-Factor Authentication Solution for Web based Applications A r r a y S h i e l d | i n f o @ a r r a y s h i e l d . c o m Page 3 Features Innovative Technology ArrayShield IDAS technology is patent pending (globally) and has won several awards/recognitions in various forums for its innovative concept. High Level of Security ArrayShield IDAS product leverages advanced Encryption methodologies (like Industry Standard AES (128/192/256 bit) algorithms as well as in-house developed advanced cryptographic techniques) and follows Industry Standard Guidelines and Best Practices. Ease of Use ArrayShield IDAS is based on user-intuitive patterns which are easy to remember than complex passwords than can be easily compromised. Easy to Integrate ArrayShield IDAS product will seamlessly integrate with existing enterprise environments with improved user experience. No expertise is required for integration. Interoperable System ArrayShield IDAS can also be configured as add-on module with various products of leading technology players. Support is available for SAML, LDAP, RADIUS, TACACS protocol etc. Easy to Deploy ArrayShield IDAS can be easily deployed in days (not in weeks) because of easy-to-configure API based system. Easily Customizable ArrayShield IDAS product can be easily customized to the unique needs of every organization. Once deployed, organizations can also configure the security strength and mechanism to the amount of risk involved in the user’s role and usability requirements. Highly Scalable ArrayShield IDAS system can be easily scaled with huge user population without affecting the performance and usability.
Two-Factor Authentication Solution for Web based Applications A r r a y S h i e l d | i n f o @ a r r a y s h i e l d . c o m Page 4 Benefits Low Total Cost of Ownership ArrayShield IDAS provides Strong Authentication at a fraction of cost of traditional alternatives. Minimal Cost is incurred during purchase as well as maintenance. As there is no need of having costly hardware tokens or transactional costs incurred because of SMS etc, ArrayShield’s Product provides lowest Total Cost of Ownership. No costly server hardware needed. Mobility of the user As ArrayShield uses a simple plastic card that can be carried on the go, it doesn’t have any dependencies. Hence user will be able to access the application any-time, any-where. Provides peace of mind Protects Organizations and customers from Online Identity and data theft, hence provide peace of mind. Provides Compliance with regulations Regulatory agencies agree that passwords are a weak link and are requiring companies to implement stronger authentication. ArrayShield is a rapid, cost-effective way to comply with Industry Guidelines, Security Standards and other Industry regulations. Conclusion By using ArrayShield IDAS Two-Factor authentication solution, organizations can enable secure access to their Web Applications. The solution will make organizations of all sizes and complexities protect from the malicious attacks happening on the web applications. ArrayShield IDAS solution is designed to integrate with your existing web application to minimize downtime and to avoid huge deployment costs that other solutions have. ArrayShield IDAS works seamlessly with all kind of web applications which are developed in various languages like Java, .NET, python and PHP. The convenient web management console gives administrators an added tool that makes managing accounts easier.

Recomendados

ppcguruguide
ppcguruguideppcguruguide
ppcguruguide
Andrew Bernero
 
Phishcops multifactor-authentication-website-authentication1096
Phishcops multifactor-authentication-website-authentication1096Phishcops multifactor-authentication-website-authentication1096
Phishcops multifactor-authentication-website-authentication1096
Hai Nguyen
 
How do i teach learners at the pre k 3
How do i teach learners at the pre k 3How do i teach learners at the pre k 3
How do i teach learners at the pre k 3
literacypains
 
cv
cvcv
cv
Robert Hershberger
 
Sp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guideSp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guide
Hai Nguyen
 
Sms based otp
Sms based otpSms based otp
Sms based otp
Hai Nguyen
 
Session 7 e_raja_kailar
Session 7 e_raja_kailarSession 7 e_raja_kailar
Session 7 e_raja_kailar
Hai Nguyen
 
Securing corporate assets_with_2_fa
Securing corporate assets_with_2_faSecuring corporate assets_with_2_fa
Securing corporate assets_with_2_fa
Hai Nguyen
 

Recomendados

ppcguruguide
ppcguruguideppcguruguide
ppcguruguide
Andrew Bernero
 
Phishcops multifactor-authentication-website-authentication1096
Phishcops multifactor-authentication-website-authentication1096Phishcops multifactor-authentication-website-authentication1096
Phishcops multifactor-authentication-website-authentication1096
Hai Nguyen
 
How do i teach learners at the pre k 3
How do i teach learners at the pre k 3How do i teach learners at the pre k 3
How do i teach learners at the pre k 3
literacypains
 
cv
cvcv
cv
Robert Hershberger
 
Sp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guideSp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guide
Hai Nguyen
 
Sms based otp
Sms based otpSms based otp
Sms based otp
Hai Nguyen
 
Session 7 e_raja_kailar
Session 7 e_raja_kailarSession 7 e_raja_kailar
Session 7 e_raja_kailar
Hai Nguyen
 
Securing corporate assets_with_2_fa
Securing corporate assets_with_2_faSecuring corporate assets_with_2_fa
Securing corporate assets_with_2_fa
Hai Nguyen
 
Scc soft token datasheet
Scc soft token datasheetScc soft token datasheet
Scc soft token datasheet
Hai Nguyen
 
Rsa two factorauthentication
Rsa two factorauthenticationRsa two factorauthentication
Rsa two factorauthentication
Hai Nguyen
 
Quest defender provides_secure__affordable_two-factor_authentication_for_okla...
Quest defender provides_secure__affordable_two-factor_authentication_for_okla...Quest defender provides_secure__affordable_two-factor_authentication_for_okla...
Quest defender provides_secure__affordable_two-factor_authentication_for_okla...
Hai Nguyen
 
Pg 2 fa_tech_brief
Pg 2 fa_tech_briefPg 2 fa_tech_brief
Pg 2 fa_tech_brief
Hai Nguyen
 
Ouch 201211 en
Ouch 201211 enOuch 201211 en
Ouch 201211 en
Hai Nguyen
 
N ye c-rfp-two-factor-authentication
N ye c-rfp-two-factor-authenticationN ye c-rfp-two-factor-authentication
N ye c-rfp-two-factor-authentication
Hai Nguyen
 
Multiple credentials-in-the-enterprise
Multiple credentials-in-the-enterpriseMultiple credentials-in-the-enterprise
Multiple credentials-in-the-enterprise
Hai Nguyen
 
Mobile authentication
Mobile authenticationMobile authentication
Mobile authentication
Hai Nguyen
 
Ijcsi 9-4-2-457-462
Ijcsi 9-4-2-457-462Ijcsi 9-4-2-457-462
Ijcsi 9-4-2-457-462
Hai Nguyen
 
Identity cues two factor data sheet
Identity cues two factor data sheetIdentity cues two factor data sheet
Identity cues two factor data sheet
Hai Nguyen
 
Hotpin datasheet
Hotpin datasheetHotpin datasheet
Hotpin datasheet
Hai Nguyen
 
Gambling
GamblingGambling
Gambling
Hai Nguyen
 
Ds netsuite-two-factor-authentication
Ds netsuite-two-factor-authenticationDs netsuite-two-factor-authentication
Ds netsuite-two-factor-authentication
Hai Nguyen
 
Datasheet two factor-authenticationx
Datasheet two factor-authenticationxDatasheet two factor-authenticationx
Datasheet two factor-authenticationx
Hai Nguyen
 
Csd6059
Csd6059Csd6059
Csd6059
Hai Nguyen
 
Cryptomathic white paper 2fa for banking
Cryptomathic white paper 2fa for bankingCryptomathic white paper 2fa for banking
Cryptomathic white paper 2fa for banking
Hai Nguyen
 
Citrix sb 0707-lowres
Citrix sb 0707-lowresCitrix sb 0707-lowres
Citrix sb 0707-lowres
Hai Nguyen
 
Bi guardotp
Bi guardotpBi guardotp
Bi guardotp
Hai Nguyen
 
Attachment 1 – mitigation measures for two factor authentication compromise
Attachment 1 – mitigation measures for two factor authentication compromiseAttachment 1 – mitigation measures for two factor authentication compromise
Attachment 1 – mitigation measures for two factor authentication compromise
Hai Nguyen
 
Ams 2 fa april 2013
Ams 2 fa april 2013Ams 2 fa april 2013
Ams 2 fa april 2013
Hai Nguyen
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Neo4j
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 

Mais conteúdo relacionado

Mais de Hai Nguyen

Scc soft token datasheet
Scc soft token datasheetScc soft token datasheet
Scc soft token datasheet
Hai Nguyen
 
Rsa two factorauthentication
Rsa two factorauthenticationRsa two factorauthentication
Rsa two factorauthentication
Hai Nguyen
 
Quest defender provides_secure__affordable_two-factor_authentication_for_okla...
Quest defender provides_secure__affordable_two-factor_authentication_for_okla...Quest defender provides_secure__affordable_two-factor_authentication_for_okla...
Quest defender provides_secure__affordable_two-factor_authentication_for_okla...
Hai Nguyen
 
Pg 2 fa_tech_brief
Pg 2 fa_tech_briefPg 2 fa_tech_brief
Pg 2 fa_tech_brief
Hai Nguyen
 
Ouch 201211 en
Ouch 201211 enOuch 201211 en
Ouch 201211 en
Hai Nguyen
 
N ye c-rfp-two-factor-authentication
N ye c-rfp-two-factor-authenticationN ye c-rfp-two-factor-authentication
N ye c-rfp-two-factor-authentication
Hai Nguyen
 
Multiple credentials-in-the-enterprise
Multiple credentials-in-the-enterpriseMultiple credentials-in-the-enterprise
Multiple credentials-in-the-enterprise
Hai Nguyen
 
Mobile authentication
Mobile authenticationMobile authentication
Mobile authentication
Hai Nguyen
 
Ijcsi 9-4-2-457-462
Ijcsi 9-4-2-457-462Ijcsi 9-4-2-457-462
Ijcsi 9-4-2-457-462
Hai Nguyen
 
Identity cues two factor data sheet
Identity cues two factor data sheetIdentity cues two factor data sheet
Identity cues two factor data sheet
Hai Nguyen
 
Hotpin datasheet
Hotpin datasheetHotpin datasheet
Hotpin datasheet
Hai Nguyen
 
Ds netsuite-two-factor-authentication
Ds netsuite-two-factor-authenticationDs netsuite-two-factor-authentication
Ds netsuite-two-factor-authentication
Hai Nguyen
 
Datasheet two factor-authenticationx
Datasheet two factor-authenticationxDatasheet two factor-authenticationx
Datasheet two factor-authenticationx
Hai Nguyen
 
Cryptomathic white paper 2fa for banking
Cryptomathic white paper 2fa for bankingCryptomathic white paper 2fa for banking
Cryptomathic white paper 2fa for banking
Hai Nguyen
 
Citrix sb 0707-lowres
Citrix sb 0707-lowresCitrix sb 0707-lowres
Citrix sb 0707-lowres
Hai Nguyen
 
Attachment 1 – mitigation measures for two factor authentication compromise
Attachment 1 – mitigation measures for two factor authentication compromiseAttachment 1 – mitigation measures for two factor authentication compromise
Attachment 1 – mitigation measures for two factor authentication compromise
Hai Nguyen
 
Ams 2 fa april 2013
Ams 2 fa april 2013Ams 2 fa april 2013
Ams 2 fa april 2013
Hai Nguyen
 

Mais de Hai Nguyen (20)

Scc soft token datasheet
Scc soft token datasheetScc soft token datasheet
Scc soft token datasheet
 
Rsa two factorauthentication
Rsa two factorauthenticationRsa two factorauthentication
Rsa two factorauthentication
 
Quest defender provides_secure__affordable_two-factor_authentication_for_okla...
Quest defender provides_secure__affordable_two-factor_authentication_for_okla...Quest defender provides_secure__affordable_two-factor_authentication_for_okla...
Quest defender provides_secure__affordable_two-factor_authentication_for_okla...
 
Pg 2 fa_tech_brief
Pg 2 fa_tech_briefPg 2 fa_tech_brief
Pg 2 fa_tech_brief
 
Ouch 201211 en
Ouch 201211 enOuch 201211 en
Ouch 201211 en
 
N ye c-rfp-two-factor-authentication
N ye c-rfp-two-factor-authenticationN ye c-rfp-two-factor-authentication
N ye c-rfp-two-factor-authentication
 
Multiple credentials-in-the-enterprise
Multiple credentials-in-the-enterpriseMultiple credentials-in-the-enterprise
Multiple credentials-in-the-enterprise
 
Mobile authentication
Mobile authenticationMobile authentication
Mobile authentication
 
Ijcsi 9-4-2-457-462
Ijcsi 9-4-2-457-462Ijcsi 9-4-2-457-462
Ijcsi 9-4-2-457-462
 
Identity cues two factor data sheet
Identity cues two factor data sheetIdentity cues two factor data sheet
Identity cues two factor data sheet
 
Hotpin datasheet
Hotpin datasheetHotpin datasheet
Hotpin datasheet
 
Gambling
GamblingGambling
Gambling
 
Ds netsuite-two-factor-authentication
Ds netsuite-two-factor-authenticationDs netsuite-two-factor-authentication
Ds netsuite-two-factor-authentication
 
Datasheet two factor-authenticationx
Datasheet two factor-authenticationxDatasheet two factor-authenticationx
Datasheet two factor-authenticationx
 
Csd6059
Csd6059Csd6059
Csd6059
 
Cryptomathic white paper 2fa for banking
Cryptomathic white paper 2fa for bankingCryptomathic white paper 2fa for banking
Cryptomathic white paper 2fa for banking
 
Citrix sb 0707-lowres
Citrix sb 0707-lowresCitrix sb 0707-lowres
Citrix sb 0707-lowres
 
Bi guardotp
Bi guardotpBi guardotp
Bi guardotp
 
Attachment 1 – mitigation measures for two factor authentication compromise
Attachment 1 – mitigation measures for two factor authentication compromiseAttachment 1 – mitigation measures for two factor authentication compromise
Attachment 1 – mitigation measures for two factor authentication compromise
 
Ams 2 fa april 2013
Ams 2 fa april 2013Ams 2 fa april 2013
Ams 2 fa april 2013
 

Último

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 

Último (20)

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 

2fa technicalsynopsis-webapplication-120505074214-phpapp01

  • 1. Two-Factor Authentication Solution for Web based Applications A r r a y S h i e l d | i n f o @ a r r a y s h i e l d . c o m Page 1 Two-Factor Authentication Solution for Web based Applications Solution ArrayShield innovative two factor authentication system – IDAS provides a simple secure access to web applications. By using its innovative pattern based authentication it provides One-Time- Secret-Code for every login transaction without using any smart hardware. In IDAS every user is shown with a matrix on the login screen which is populated with random characters for every transaction. User has to choose a pattern which is a sequence of cells in the matrix and should register the same with the system prior accessing the ArrayShield IDAS Two-Factor solution. A translucent card is provided to each user which has a similar structured matrix with transparent and opaque cells and some random characters imprinted on the opaque cells. Each card is unique in terms of the position of the opaque cells and the characters imprinted on them. At the time of accessing the web application, user is shown with the randomly populated matrix as a challenge. The user overlaps the translucent card on the shown matrix and will key in the characters present in the chosen pattern in the same order. These characters form the One- Time-Secret-Code for the user for that transaction. The ArrayShield IDAS server verifies the user credentials by comparing user’s registered pattern and the pattern values entered by the user. Access is given to the user if the user credentials are valid. Problem with exposing Web applications on the Internet Web based applications are the ultimate way to take advantage of today’s technology to enhance the organizations productivity & efficiency. As they provide the opportunity to access the business information from anywhere in the world saving time and money and improve the interactivity. As these web applications are hosted in the internet for easy access for every one there are huge number of attacks possible on these applications. Statistics show that most of the attacks target to steal the legitimate user’s credentials and user them to gain access to the sensitive information protected by simple username and password. A strong need for two factor authentication is necessary for access to these web applications which should protect against the attacks like key loggers, phishing, etc.
  • 2. Two-Factor Authentication Solution for Web based Applications A r r a y S h i e l d | i n f o @ a r r a y s h i e l d . c o m Page 2 Integration Flow The following diagram shows how a web application can be integrated with ArrayShield IDAS to use its two factor authentication for secure access. Figure: Integration Flow diagram for the Web application authentication with ArrayShield IDAS
  • 3. Two-Factor Authentication Solution for Web based Applications A r r a y S h i e l d | i n f o @ a r r a y s h i e l d . c o m Page 3 Features Innovative Technology ArrayShield IDAS technology is patent pending (globally) and has won several awards/recognitions in various forums for its innovative concept. High Level of Security ArrayShield IDAS product leverages advanced Encryption methodologies (like Industry Standard AES (128/192/256 bit) algorithms as well as in-house developed advanced cryptographic techniques) and follows Industry Standard Guidelines and Best Practices. Ease of Use ArrayShield IDAS is based on user-intuitive patterns which are easy to remember than complex passwords than can be easily compromised. Easy to Integrate ArrayShield IDAS product will seamlessly integrate with existing enterprise environments with improved user experience. No expertise is required for integration. Interoperable System ArrayShield IDAS can also be configured as add-on module with various products of leading technology players. Support is available for SAML, LDAP, RADIUS, TACACS protocol etc. Easy to Deploy ArrayShield IDAS can be easily deployed in days (not in weeks) because of easy-to-configure API based system. Easily Customizable ArrayShield IDAS product can be easily customized to the unique needs of every organization. Once deployed, organizations can also configure the security strength and mechanism to the amount of risk involved in the user’s role and usability requirements. Highly Scalable ArrayShield IDAS system can be easily scaled with huge user population without affecting the performance and usability.
  • 4. Two-Factor Authentication Solution for Web based Applications A r r a y S h i e l d | i n f o @ a r r a y s h i e l d . c o m Page 4 Benefits Low Total Cost of Ownership ArrayShield IDAS provides Strong Authentication at a fraction of cost of traditional alternatives. Minimal Cost is incurred during purchase as well as maintenance. As there is no need of having costly hardware tokens or transactional costs incurred because of SMS etc, ArrayShield’s Product provides lowest Total Cost of Ownership. No costly server hardware needed. Mobility of the user As ArrayShield uses a simple plastic card that can be carried on the go, it doesn’t have any dependencies. Hence user will be able to access the application any-time, any-where. Provides peace of mind Protects Organizations and customers from Online Identity and data theft, hence provide peace of mind. Provides Compliance with regulations Regulatory agencies agree that passwords are a weak link and are requiring companies to implement stronger authentication. ArrayShield is a rapid, cost-effective way to comply with Industry Guidelines, Security Standards and other Industry regulations. Conclusion By using ArrayShield IDAS Two-Factor authentication solution, organizations can enable secure access to their Web Applications. The solution will make organizations of all sizes and complexities protect from the malicious attacks happening on the web applications. ArrayShield IDAS solution is designed to integrate with your existing web application to minimize downtime and to avoid huge deployment costs that other solutions have. ArrayShield IDAS works seamlessly with all kind of web applications which are developed in various languages like Java, .NET, python and PHP. The convenient web management console gives administrators an added tool that makes managing accounts easier.