Non Linear Authentication SM




               Non Linear Authentication           SM



                          By MSK Security




                                                Version 1.0.20100308

                                                     Patent Pending




Prepared by:
Shahram Karimian
Raymond Gallagher




                                                   3/9/2010
Page 1 of 12    © Copyright 2010 MSK Security


Table of Contents
Non Linear Authentication SM
By MSK Security
    Version 1.0.20100308
    Patent Pending
Table of Contents
Executive Summary
Non-Linear Authentication SM
    Linear Authentication
    Non-Linear Authentication SM
How the MSK Digital ID™ isolates and protects
  Out of Band Transactional Verification for Banking
  Isolation through HASP
    Data Protection
    System Protection
MSK Digital ID™ Smart Token – System requirements
    Implementation
  Proven technologies and best practices
Appendix A
    How the Security Token communicates
    How the Authentication Server communicates







Executive Summary
MSK Security is designed to allow secure logins, transaction verification,
payment processing and Digital Signatures in a WAN environment, and to
remove the possibility of non-authorized activity interfering with these
processes. MSK Security has invented “Non-Linear Authentication SM” (Patent
Pending) and has a proven implementation of it in our MSK Web
Management 2008 system, our 3rd generation management system.

Some of the aspects that come out of MSK Security’s implementation of
“Non-Linear Authentication SM” are Bidirectional Authentication, Two-Factor
Authentication and Out-of-Band Authentication. There has been a lot of
discussion about Multi-factor Authentication, but little attention has been
paid to the aspects of authentication. Non-Linear Authentication SM is, in its
own right, a new aspect of authentication and by default exhibits
characteristics from many other techniques. This is due in part to the nature
of Non-Linear Authentication SM and in part to the powerful way in which MSK
Security has implemented it.

Many security systems and techniques have failed not because of security
but because of usability. From the End-User’s perspective, using the security
token is no more difficult than the current username/password combination
and in some respects (especially across multiple enabled systems) is
considerably easier.



Two-factor Authentication

There are only three possible factors for authentication: something you know,
something you have and something you are.

       1. Something you know, such as a Password, Image, Pattern or
          Answers to questions. These are all just forms of single-factor
          authentication.

       2. Something you have, such as Unique Client Programs, OTP Tokens,
          Computer hardware, Smart Cards and Keys. This would also be
          considered single-factor unless you combine it with something you
          know. Something you have by itself is still stronger than just
          something you know.

       3. Something you are (the strongest single factor for authentication),
          such as a Fingerprint, Retina, DNA or Picture ID from a trusted
          source.




What are aspects of authentication?

An aspect of authentication is a high-level implementation of authentication.
It answers the questions “Who has to authenticate?”, “Who is trusted?”, “How
are credentials transmitted?” and “What factors of authentication are going to
be used?” Almost all websites use single-factor unidirectional authentication.


Bidirectional Authentication

Bidirectional authentication is where the service authenticates to the
end-user and the end-user authenticates to the service. This has been
implemented by displaying a secret pass-phrase or picture on the webpage
after the end-user puts in their username but before they enter their
password. Bidirectional Authentication is an aspect of authentication.

[Figure: User and Server/Service]


Out-of-Band Authentication

Out-of-Band Authentication is where part of the communication with a
service is done outside the line of communication. This has been
implemented by sending an email or making a phone call with a password
when the end-user attempts to login. Out-of-Band Authentication is an
aspect of authentication.


[Figure: User, Server/Service and E-mail/Phone]





Non-Linear Authentication SM
Non-Linear Authentication SM has three players: the End-User, the Service
(an agency’s internal network and business applications) and the
Authentication-Service (Auth Server). Non-Linear Authentication SM is
where both the End-User and the Service have to authenticate to the Auth
Server. The End-User first picks a Service to log in to; the Service then
authenticates itself to the Auth Server; next the End-User authenticates to
the Auth Server; finally the End-User logs in, and it is at this point that the
Service checks independently with the Auth Server to see if the End-User has
authenticated. This is also the point at which the End-User receives their
access rights.
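
The login sequence described above, sketched as an added example (it is not MSK Security's code or protocol; the page does not specify message formats). The HMAC challenge-response, the key tables, the nonce and expiry handling, and the names `AuthServer`, `open_login`, `challenge_for`, `user_authenticate` and `check_login` are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time


def mac(key: bytes, *fields: str) -> str:
    """HMAC-SHA256 over length-prefixed fields, so field boundaries are unambiguous."""
    msg = b"".join(len(f.encode()).to_bytes(4, "big") + f.encode() for f in fields)
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


class AuthServer:
    """Hypothetical Auth Server; each Service and each End-User token shares a key with it."""

    def __init__(self, ttl_seconds: float = 60.0):
        self.ttl = ttl_seconds
        self.service_keys = {}     # service_id -> key
        self.user_keys = {}        # user_id -> key held by the End-User's token
        self.rights = {}           # (user_id, service_id) -> access rights
        self.logins = {}           # login_id -> pending login state
        self.seen_nonces = set()   # (service_id, nonce) pairs already accepted

    def _service_ok(self, service_id, proof, *fields):
        key = self.service_keys.get(service_id)
        return key is not None and hmac.compare_digest(proof, mac(key, service_id, *fields))

    def open_login(self, service_id, nonce, proof):
        """The Service authenticates itself and gets a login_id for the End-User."""
        fresh = (service_id, nonce) not in self.seen_nonces
        if not (fresh and self._service_ok(service_id, proof, "open", nonce)):
            return None
        self.seen_nonces.add((service_id, nonce))
        login_id = secrets.token_urlsafe(16)
        self.logins[login_id] = {"service": service_id, "user": None,
                                 "challenge": secrets.token_hex(16),
                                 "expires": time.monotonic() + self.ttl}
        return login_id

    def challenge_for(self, login_id):
        """The token learns which Service opened the login, plus a one-time challenge."""
        state = self.logins.get(login_id)
        return None if state is None else (state["service"], state["challenge"])

    def user_authenticate(self, login_id, user_id, response):
        """The End-User's token answers the challenge directly to the Auth Server."""
        state, key = self.logins.get(login_id), self.user_keys.get(user_id)
        if state is None or key is None or time.monotonic() > state["expires"]:
            return False
        expected = mac(key, user_id, state["service"], state["challenge"])
        if not hmac.compare_digest(response, expected):
            return False
        state["user"] = user_id
        return True

    def check_login(self, service_id, login_id, proof):
        """The Service asks, independently, whether the End-User has authenticated."""
        if not self._service_ok(service_id, proof, "check", login_id):
            return None
        state = self.logins.get(login_id)
        if state is None or state["service"] != service_id or state["user"] is None:
            return None
        del self.logins[login_id]                  # a login_id is honoured once
        if time.monotonic() > state["expires"]:
            return None
        return state["user"], list(self.rights.get((state["user"], service_id), []))


def demo():
    """Constructed run: one End-User, two Services, all keys generated here."""
    auth = AuthServer()
    bank_key, shop_key, alice_key = (secrets.token_bytes(32) for _ in range(3))
    auth.service_keys.update(bank=bank_key, shop=shop_key)
    auth.user_keys["alice"] = alice_key
    auth.rights[("alice", "bank")] = ["view-balance", "transfer"]
    out = {}
    # The End-User picks the bank; the bank authenticates itself to the Auth Server.
    nonce = secrets.token_hex(8)
    open_proof = mac(bank_key, "bank", "open", nonce)
    login_id = auth.open_login("bank", nonce, open_proof)
    out["nonce_replay"] = auth.open_login("bank", nonce, open_proof)
    bank_check = mac(bank_key, "bank", "check", login_id)
    out["before_user_auth"] = auth.check_login("bank", login_id, bank_check)
    # The End-User's token authenticates to the Auth Server, not to the bank.
    service, challenge = auth.challenge_for(login_id)
    forged = mac(secrets.token_bytes(32), "alice", service, challenge)
    out["forged_token"] = auth.user_authenticate(login_id, "alice", forged)
    answer = mac(alice_key, "alice", service, challenge)
    out["user_auth"] = auth.user_authenticate(login_id, "alice", answer)
    # The End-User logs in with login_id; the Service checks with the Auth Server.
    shop_check = mac(shop_key, "shop", "check", login_id)
    out["other_service"] = auth.check_login("shop", login_id, shop_check)
    out["granted"] = auth.check_login("bank", login_id, bank_check)
    out["reuse"] = auth.check_login("bank", login_id, bank_check)
    return out


if __name__ == "__main__":
    print(demo())
```

In this sketch the Service never handles the End-User's credential: it learns the identity and access rights only from its own check with the Auth Server, and a login opened by one Service cannot be redeemed by another.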


Linear Authentication


[Figure: three linear layouts. (1) User, Server/Service. (2) User,
Authentication server/service, Server/Service. (3) User, Authentication
server/service, Server/Service 1, Server/Service 2, Server/Service 3.]


Non-Linear Authentication SM


[Figure: User, Server 1, Server 2, Server 3, Authentication server/service,
Out-of-Band Credentials, Secure Information]





How the MSK Digital ID™ Works
All businesses and agencies have sensitive data and must simultaneously
protect it and provide access to it. To effectively do this, a proven system for
user authentication is required. The ideal system provides top-level security
with cost-effective deployment and maintenance as well as ease of use. MSK
offers identity and access management solutions that meet these
requirements. MSK delivers enterprise-grade user authentication that is
more powerful than existing PKI technologies without the complexity,
overhead and risk associated with these solutions that require key
management and storage. To deliver powerful authentication with minimal
overhead, MSK takes the proven two-factor method to a new level of ease of
use and security. MSK also adds another level of security by having users’
authentication done directly between the smart security token and the
authentication server. This direct connection allows the token to have Bi-
directional authentication and Out-of-Band authentication at the same time.


Example: Banking Site Login

[Figure: Banking Site Login, with callouts:
  - Bi-Directional Authentication
  - First Factor: Something you know
  - Second Factor: Something you have
  - Second Factor: If you are not on an authorized PC]







Transactional Verification for Banking

[Figure callouts: Account where funds are coming from; Amount and where the
funds are going]

Payment processing

Digital Signatures






HASP (Hardware Against Software Piracy)

MSK Digital ID™ has an optional HASP feature that allows Software on
Demand from a specific machine or a predetermined network of machines;
this guarantees the highest level of controlled access. Users can be limited to
a specific machine or group of machines, preventing password sharing. All of
this is accomplished without the need to install cumbersome software or
hardware.

- Provides a better way to meet compliance
- Enables more control over use of service
- Ensures controlled access to sensitive data


From the Point of Authentication:

Data Protection:

     Unauthorized Users:
     • Phishing
     • Man-in-the-Middle
     • Key Loggers
     • Password Sharing
MSK Security will protect you from all of these attacks.

     Insider Threats:
     • Audit Trails
     • Identity and Access Management
The MSK Web Management™ solution includes full audit trails granular to any
machine that attempts to log in. The solution includes single-point
provisioning and single-click removal or de-provisioning.

System Protection:

     Injection attacks:
     • SQL-Injection
     • Cross-site-scripting
Injections into buffer fields (such as the username and password fields) can
damage a system. MSK removes the buffer fields; this reduction of the
attack surface eliminates injection attacks.








MSK Digital ID™ Smart Token – System requirements
The Security Token runs under Microsoft .NET Framework v1.1.4322 and
above. The .NET Framework is included on Windows XP service pack 2 and is
part of the OS for Windows Vista and Windows 7. The MSK Security Smart
Token requires no installation; it is a stand-alone executable that will just
run if double-clicked. Full testing has been done on Windows 2000, Windows XP,
Windows Vista, Windows 7 and Windows 2003 Server. The Security Token
will recognize Firefox 2.0 and earlier; the most common implementation is
under Internet Explorer 5.0 and above, which includes the latest version,
Internet Explorer 8.0. Testing has also included Mac computers running
virtualized versions of the Windows OS.


Implementation

There are two ways to implement MSK Digital ID: the first is our SAAS model
and the second is a self-hosted model. Our SAAS model has only a small
per-seat license. The self-hosted model will require a Secure MSK Security
Authentication Server and will require Branded Smart Tokens that will only
communicate with the self-hosted Authentication Server. The physical server
requires Windows 2003 Server; other requirements will vary
depending on implementation (Firewalls, Proxies, Monitoring Services,
Secure Hosting Services, i.e. SAS 70 Datacenter).

Our SAAS (Software-As-A-Service) model is by far the most robust and is the
far less costly option. Traditional two-factor solutions require distribution
and life cycle management of expensive hardware tokens that need to be
synchronized with expensive on-premise authentication servers that require
expensive on-premise maintenance. Distribution of the MSK Security Smart
Token is quick and easy. The MSK Web Management™ system is included
as part of the service, not as an extra piece of software that needs to be
installed and maintained or licensed. The optional HASP (Hardware Against
Software Piracy) feature is included as part of the offering. The Smart
Tokens can be married to 1 or more computers, preventing them from being
used on non-authorized computers. Scalability is quick and limitless. With
traditional systems this process can be very painful and expensive.








Proven technologies and best practices

Proven technologies included with the system are as follows:
   • 128-bit SSL (Secure Socket Layer)
   • 256 or 512-bit SHA (Secure Hash Algorithm)
   • One time only Salted SHA (Random Data added to a Hash to prevent
      Rainbow table collision attacks)
   • .NET (Managed Software Framework that is kept up to date)
   • SQL (Structured Query Language) used for high performance data
      management
   • Windows Server 2003
   • SAS 70 Type II Data Center




New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April  Automation LPDGAPIForce Zurich 5 April  Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 

Recently uploaded (20)

Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdf
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Key Features Of Token Development (1).pptx
Key  Features Of Token  Development (1).pptxKey  Features Of Token  Development (1).pptx
Key Features Of Token Development (1).pptx
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April  Automation LPDGAPIForce Zurich 5 April  Automation LPDG
APIForce Zurich 5 April Automation LPDG
 

MSK Security Non Linear Authentication

  • 3. Executive Summary

MSK Security is designed to allow secure logins, transaction verification, payment processing and Digital Signatures in a WAN environment, and to remove the possibility of non-authorized activity interfering with these processes. MSK Security has invented “Non-Linear Authentication SM” (Patent Pending) and has a proven implementation of it in MSK Web Management 2008, our 3rd generation management system. Some of the aspects that come out of MSK Security’s implementation of “Non-Linear Authentication SM” are Bidirectional Authentication, Two-Factor Authentication and Out-of-Band Authentication.

There has been a lot of discussion about Multi-factor Authentication, but little attention has been paid to the aspects of authentication. Non-Linear Authentication SM is, in its own right, a new aspect of authentication and by default exhibits characteristics from many other techniques. This is due in part to the nature of Non-Linear Authentication SM and in part to the powerful way in which MSK Security has implemented it.

Many security systems and techniques have failed not because of security but because of usability. From the End-User’s perspective, using the security token is no more difficult than the current username/password combination and in some respects (especially across multiple enabled systems) is considerably easier.

Two-factor Authentication

There are only three possible factors for authentication: something you know, something you have and something you are.

1. Something you know, such as a Password, Image, Pattern or Answers to questions. These are all forms of single-factor authentication.
2. Something you have, such as Unique Client Programs, OTP Tokens, Computer hardware, Smart Cards and Keys. This is also considered single-factor unless you combine it with something you know. Something you have by itself is still stronger than just something you know.
3. Something you are (the strongest single factor for authentication), such as a Finger Print, Retina, DNA or Picture ID from a trusted source.
  • 4. What are aspects of authentication?

The aspect of authentication is a high level implementation of authentication. It answers the questions “Who has to authenticate?”, “Who is trusted?”, “How are credentials transmitted?” and “What factors of authentication are going to be used?” Almost all websites use single factor unidirectional authentication.

Bidirectional Authentication

Bidirectional authentication is where the service authenticates to the end-user and the end-user authenticates to the service. This has been implemented by displaying a secret pass-phrase or picture on the webpage after the end-user puts in their username but before they enter their password. Bidirectional Authentication is an aspect of authentication.

[Diagram: User, Server/Service]

Out-of-Band Authentication

Out-of-Band Authentication is where part of the communication with a service is done outside the line of communication. This has been implemented by sending an email or making a phone call with a password when the end-user attempts to login. Out-of-Band Authentication is an aspect of authentication.

[Diagram: User, Server/Service, E-mail/Phone]
  • 5. Non-Linear Authentication SM

Non-Linear Authentication SM has three players: the End-User, the Service (an agency’s internal network and business applications) and the Authentication-Service (Auth Server). Non-Linear Authentication SM is where both the End-User and the Service have to authenticate to the Auth Server. The End-User first picks a Service to log in to; the Service then authenticates itself to the Auth Server; next the End-User authenticates to the Auth Server; finally the End-User logs in, and it is at this point that the Service checks independently with the Auth Server to see if the End-User has authenticated. This is also the point at which the End-Users receive their access rights.

[Diagram: Linear Authentication. Labels: User, Server/Service, Authentication server/service, Server/Service 1, Server/Service 2, Server/Service 3]

[Diagram: Non-Linear Authentication SM. Labels: User, Server, Authentication server/service, Out-of-Band Credentials, Secure Information; steps 1, 2, 3]
  • 6. How the MSK Digital ID™ Works

All businesses and agencies have sensitive data and must simultaneously protect it and provide access to it. To do this effectively, a proven system for user authentication is required. The ideal system provides top-level security with cost-effective deployment and maintenance as well as ease of use. MSK offers identity and access management solutions that meet these requirements. MSK delivers enterprise-grade user authentication that is more powerful than existing PKI technologies, without the complexity, overhead and risk associated with solutions that require key management and storage.

To deliver powerful authentication with minimal overhead, MSK takes the proven two-factor method to a new level of ease of use and security. MSK also adds another level of security by having users’ authentication done directly between the smart security token and the authentication server. This direct connection allows the token to have Bi-directional authentication and Out-of-Band authentication at the same time.

[Figure: Example: Banking Site Login. Labels: Bi-Directional Authentication; First Factor: Something you know; Second Factor: Something you have; Second Factor: If you are not on an authorized PC]
  • 7. Transactional Verification for Banking

[Figure labels: Account where funds are coming from; Amount and where the funds are going]

Payment processing

Digital Signatures
  • 8. HASP (Hardware Against Software Piracy)

MSK Digital ID™ has an optional HASP feature that allows Software on Demand from a specific machine or a predetermined network of machines; this guarantees the highest level of controlled access. Users can be limited to a specific machine or group of machines, preventing password sharing. All of this is accomplished without the need to install cumbersome software or hardware.

- Provides a better way to meet compliance
- Enables more control over use of service
- Ensures controlled access to sensitive data

From the Point of Authentication:

Data Protection:

Unauthorized Users:
• Phishing
• Man-in-the-Middle
• Key Loggers
• Password Sharing

MSK Security will protect you from all of these attacks.

Insider Threats:
• Audit Trails
• Identity and Access Management

The MSK Web Management™ solution includes full audit trails granular to any machine that attempts to log in. The solution includes single point provisioning and single click removal or de-provisioning.

System Protection:

Injection attacks:
• SQL-Injection
• Cross-site-scripting

Injections into buffer fields (like username and password fields) can damage a system. MSK removes the buffer fields; this reduction of the attack surface eliminates injection attacks.
  • 9. MSK Digital ID™ Smart Token –

System requirements

The Security Token runs under Microsoft .NET Framework v1.1.4322 and above. The .NET Framework is included on Windows XP service pack 2 and is part of the OS for Windows Vista and Windows 7. The MSK Security Smart Token requires no installation; it is a stand-alone executable that will just run if double clicked. Full testing has been done on Windows 2000, Windows XP, Windows Vista, Windows 7 and Windows 2003 Server. The Security Token will recognize Firefox 2.0 and earlier; the most common implementation is under Internet Explorer 5.0 and above, which includes the latest version, Internet Explorer 8.0. Testing has also included Mac computers running virtualized versions of the Windows OS.

Implementation

There are two ways to implement MSK Digital ID: the first is our SAAS model, the second is a self hosted model. Our SAAS model has only a small per-set license. The self hosted model will require a Secure MSK Security Authentication Server and will require Branded Smart Tokens that will only communicate with the self hosted Authentication Server. The physical server requires Windows 2003 Server; other requirements will vary depending on implementation (Firewalls, Proxies, Monitoring Services, Secure Hosting Services, i.e. SAS 70 Datacenter).

Our SAAS (Software-As-A-Service) model is by far the most robust and is the far less costly option. Traditional two factor solutions require distribution and life cycle management of expensive hardware tokens that need to be synchronized with expensive on premise authentication servers that require expensive on premise maintenance. Distribution of the MSK Security Smart Token is quick and easy. The MSK Web Management™ system is included as part of the service, not an extra piece of software that needs to be installed and maintained or licensed. The optional HASP (Hardware Against Software Piracy) feature is included as part of the offering. The Smart Tokens can be married to 1 or more computers, preventing them from being used on non-authorized computers. Scalability is quick and limitless. With traditional systems this process can be very painful and expensive.
  • 10. Proven technologies and best practices

Proven technologies included with the system are as follows:
• 128-bit SSL (Secure Socket Layer)
• 256 or 512-bit SHA (Secure Hash Algorithm)
• One time only Salted SHA (Random Data added to a Hash to prevent Rainbow table collision attacks)
• .NET (Managed Software Framework that is kept up-to-date)
• SQL (Structured Query Language) used for high performance data management
• Windows Server 2003
• SAS 70 Type II Data Center
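
The three-party flow described under "Non-Linear Authentication SM" (slide 5), combined with the "One time only Salted SHA" item listed above, as an added Python example that is not MSK Security's code. The class and function names, the shared secrets and the challenge/answer message shape are all assumptions, since the page does not specify a wire protocol.

```python
import hashlib
import hmac
import secrets


def proof(salt, secret):
    """One-time salted SHA-256 proof; the secret itself never crosses the wire."""
    return hashlib.sha256(salt + secret).hexdigest()


class AuthServer:
    """Hypothetical Auth Server; names and message shapes are assumptions."""

    def __init__(self, party_secrets, rights):
        self.party_secrets = party_secrets  # party id -> shared secret
        self.rights = rights                # (user, service) -> access rights
        self.salts = {}                     # party id -> outstanding one-time salt
        self.sessions = {}                  # session id -> service and user

    def challenge(self, party):
        self.salts[party] = secrets.token_bytes(16)
        return self.salts[party]

    def _verify(self, party, answer):
        salt = self.salts.pop(party, None)  # pop: each salt is accepted once only
        if salt is None or party not in self.party_secrets:
            return False
        return hmac.compare_digest(proof(salt, self.party_secrets[party]), answer)

    def open_session(self, service, answer):
        """The Service authenticates itself to the Auth Server."""
        if not self._verify(service, answer):
            return None
        sid = secrets.token_hex(8)
        self.sessions[sid] = {"service": service, "user": None}
        return sid

    def user_login(self, sid, user, answer):
        """The End-User's token authenticates directly to the Auth Server."""
        ok = sid in self.sessions and self._verify(user, answer)
        if ok:
            self.sessions[sid]["user"] = user
        return ok

    def check(self, sid, service):
        """The Service asks independently whether the End-User authenticated."""
        s = self.sessions.get(sid)
        if not s or s["service"] != service or s["user"] is None:
            return None
        return s["user"], self.rights.get((s["user"], service), [])


def run_flow(auth, service, service_secret, user, token_secret):
    """Walk the whole flow; the Service never handles the user's secret."""
    sid = auth.open_session(service, proof(auth.challenge(service), service_secret))
    if sid is None:
        return None
    auth.user_login(sid, user, proof(auth.challenge(user), token_secret))
    return auth.check(sid, service)  # (user, rights), or None if not authenticated


# Constructed sample data, not values from the MSK product.
AUTH = AuthServer({"bank": b"svc-key", "alice": b"token-key"},
                  {("alice", "bank"): ["view", "transfer"]})
```

Because each salt is discarded on first use, a captured answer cannot be replayed, and the access rights reach the Service only through `check`.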