Organizations that either are considering deployment of Hitachi ID Password Manager or have already deployed it need to understand its security implications.
Hitachi ID Password Manager impacts authentication processes and standards. This document describes this impact, and how to ensure that it is a positive change.
Hitachi ID Password Manager is also a sensitive part of an organization's IT infrastructure, and consequently must be defended by strong security measures. The technology used by Hitachi ID Password Manager to protect against intrusions, as well as best practices to deploy that technology, are described here.
The remainder of this paper is organized into sections that describe challenges specific to managing passwords for mobile users, and how Hitachi ID Password Manager addresses each problem.
What is Hitachi ID Password Manager?
A brief description of Hitachi ID Password Manager, to give context to the subsequent sections.
Protected assets
A list of what information security, as implemented in Hitachi ID Password Manager, should protect.
Defining security violations
Some specific security attacks that Hitachi ID Password Manager defenses must repel.
Impact on authentication processes
How the features and processes created by Hitachi ID Password Manager affect authentication to IT infrastructure generally in an organization.
Server defenses
How the Hitachi ID Password Manager server can and should be protected.
Communication defenses
How data transmitted to and from each Hitachi ID Password Manager server is protected.
Data protection
How data stored on each Hitachi ID Password Manager server is protected.
The secure kiosk account
How the optional secure kiosk account impacts the security of the network operating system where it is installed.
24. Hitachi ID Password Manager Security Analysis
10 Conclusions
This document illustrates that best-practice measures are implemented in the Hitachi ID Password Manager
software, to protect it against direct attack, to protect its communications, and to protect its data.
This document also highlights the fact that Password Manager is a sensitive server, and should be managed
carefully. In particular, it should be installed on a locked-down server, and managed with close attention to
security.
www.Hitachi-ID.com
500, 1401 - 1 Street SE, Calgary AB Canada T2G 2J3 Tel: 1.403.233.0740 Fax: 1.403.233.0725 E-Mail: sales@Hitachi-ID.com
File: /pub/wp/psynch/documents/security_analysis/psynch_security_analysis_5.tex
Date: November 20, 2006