Sie sind auf Seite 1von 23

AUTHSHIELD TWO

FACTOR AUTHENTICATION
The threats from within are increasing on a daily basis.
78% of all information security breaches happen
internally

CASE STUDIES
Information Security at its best

UNIQUE CASE STUDIES

Database Queries - Workflow


Management

SAP GUI and Net weaver

Private and Confidential -INNEFU LABS

Mail Solutions

AUTHSHIELD INTEGRATION WITH


MAIL SERVER

Request forwarded to AuthShield Frontend


Plugin
Second factor Authentication validated from
Authentication server

On validation user name and password request


forwarded to Exchange

Private and Confidential - INNEFU LABS

User enters User Name & Password

2/27/2015

User enters User Name


and Password on Web
Portal

OWA checks for whether


OTP Prompt has to be
shown or not

In case Yes, user is


prompted for OTP else
request is forwarded to
exchange
OTP is validated from
AuthShield Server

Microsoft Exchange with


Authentication Frontend Plugin

2
4

On OTP validation,
original / corrupted
request is forwarded to
exchange

AuthShield Authentication Server

3
Active Directory

SAP GUI INTEGRATION

Request forward to AuthShield Frontend server

Second Factor of Authentication checked with


Authentication Server
User Name and Password are authenticated as
normal

Private and Confidential - INNEFU LABS

2FA integration with SAP GUI

2/27/2015

PROCESS FLOW
User enters User Name and
Password in his client as
normal. Request sent to
AuthShield frontend

Checks for OTP requirement


from Authentication server.
If yes it sends a notification
to the handset / Desktop of
the user

On OTP validation,
original / junk request is
forwarded to SAP servers

4
SAP Servers

2
3

DATABASE QUERIES WORKFLOW


MANAGEMENT

For specific users, when they fire a Database query


A PUSH notification is generated and sent to the
reporting manager

The notification contains details on


User making the request
Details on the request

The query is only processed if the reporting manager


approves the query
The same architecture can be replicated from
Database to any other workflow

Private and Confidential -INNEFU LABS

OTHER CASE STUDIES

Windows Logon with /


without Domain

Critical Intranet Applications including


Core Banking Solutions

Login to Remote
Servers

SSL VPN Juniper / Citrix

Wireless Networks

Private and Confidential -INNEFU LABS

Web Enabled Applications

WEB ENABLED APPLICATIONS (SOURCE CODE


AVAILABLE)

Two Factor Authentication with

Source Code available with the Client


Changes made to the Authentication Module of the
client application

AuthShield login APIs integrated with the application

Private and Confidential -INNEFU LABS

Web Enable Application (PHP Based)


Inhouse built Finance Portal (Java Based)

Private and Confidential -INNEFU LABS

PROCESS
User Name, Pwd, OTP

True Authentication

True Authentication

User Name, OTP

Private and Confidential -INNEFU LABS

Access

User Name, Pwd

INTERNET BANKING SOLUTION

Client wanted Two Factor Authentication with

Source Code available with the Client

Changes made to the Authentication Module of the


client application

Innefus 2FA APIs were integrated with the application


Users were provided One Time Password via SMS any
time a user needs to reset his password

Private and Confidential -INNEFU LABS

Reset Password Options

PROCESS
User Name, Pwd, OTP

True Authentication

True Authentication

User Name, OTP

Private and Confidential -INNEFU LABS

Access

User Name, Pwd

WINDOWS 7, XP WITH MS AD 2008

Client wanted Two Factor Authentication with


Windows XP with MS Active Directory 2003
Windows Vista with MS Active Directory 2003

Changes made to the Login dll of Windows


Innefus server module was installed on Active
Directory
Seamless integration done with Active Directory

Private and Confidential -INNEFU LABS

PROCESS
User Name, Pwd

Active Directory
True Authentication

User Name, OTP

AuthShield Server

Private and Confidential -INNEFU LABS

True Authentication

INTEGRATION WITH VPN

Client wanted Two Factor Authentication with

Authentication in VPN was done via RADIUS server


AuthShields server inbuilt RADIUS server was used
to authenticate the user
All requests forwarded to the IAS server which
authenticates the request

Private and Confidential -INNEFU LABS

SSL VPN

PROCESS
User Name, Pwd

Active Directory
True Authentication

User Name, OTP

AuthShield Server

Private and Confidential -INNEFU LABS

True Authentication

WHAT WE OFFER
Features

One Touch Authentication

PKI Token using smart Phones

Reusable response based on IP and


time duration

Indigenous Tokens thereby offering cobranding opportunities and instant


turnaround time

Customization as per clients


requirements

Superior support at cheaper costs

Unparalleled experience of working


with large Government and corporate
clients

AuthShield

Others

Private and Confidential -INNEFU LABS

S.no

PREVENT IDENTITY THEFT!!

Private and Confidential -INNEFU LABS

COUNT ON

QUESTIONS WELCOME
INNEFU LABS PVT. LTD
www.innefu.com
+91-11-47065864 / 66

contact@innefu.com, info@innefu.com

Private and Confidential -INNEFU LABS

THANK YOU