COPYRIGHT NOTICE Copyright 2011 Polaris Software Lab Limited All rights reserved. These materials are confidential and proprietary to Polaris and no part of these materials should be reproduced, published in any form by any means, electronic or mechanical including photocopy or any information storage or retrieval system nor should the materials be disclosed to third parties without the express written authorization of Polaris Software Lab Limited.
Contents
- Facts
- Armor Solution
- Armor Architecture
- Armor Features
Facts
The average employee:
- accesses 5 to 30 password-protected applications as a part of his/her job
- spends as much as 44 hours per year performing multiple login tasks to access 4 applications

- More than 25% of Helpdesk costs are password related (Gartner)
- Businesses spend an average of $200 per user each year on password management (Forrester)
Armor Solution
ARMOR is an integrated suite of Security Services to provide end-to-end security with minimal effort and low costs. ARMOR provides an enterprise-wide system for User Authentication and Profiling, enables centralized administration and ease of implementing corporate security policies.
- Enterprise-wide SSO
  - Web/J2EE applications
  - Thick client applications
  - Host based applications
  - Third party tools
- Multiple Authentication Mechanisms
  - Static Password
  - Dynamic Password
  - Challenge Response
- Multi-level Access control
  - Application access
  - Menu control
  - Functional Access
- Single Point Administration
  - Comprehensive suite to define and manage Entities
- Audit Logs, Security Reports
- Multi-lingual support (UTF-8)
ARMOR Architecture
Single Sign On
Available for:
- Any technology - Windows, Unix, Linux
- Any architecture - Three-tier, Two-tier, Browser-based, Host-based
- Any application - Developed in-house

Verification of the identity of a user, typically by User IDs and passwords.
Armor supports strong authentication mechanisms:
- Configurable Static Passwords
- Dynamic Password Tokens
- Challenge-Response Password Tokens

Works with third party authentication providers, such as Siteminder, RSA, MS-AD (LDAP), Safeword, Blackshield, VASCO, WebSeal.
Password Policies
Security Policy ensures security standards:
- Allows user initiated password change
- Forced Password Change once every 45 (configurable) days
- ID is disabled after 6 (configurable) consecutive unsuccessful attempts
- ID is disabled if not in use for 60 (configurable) days
- ID is closed if not in use for 90 (configurable) days
Password Policies
Password Policy restrictions can be set and define corporate standards:
- Allowed length is configurable (min 6, max 16)
- Should be alphanumeric
- Checked against negative list of common passwords (Configurable)
- 2 consecutive characters cannot be same
- Reuse restriction on previous n passwords (configurable, default 6)
- Cannot be changed twice within a (configurable) 24 hr period
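The restrictions listed above, written out as a checker. This is an added example, not Armor code or its API: the function names, the salted PBKDF2 history store, the sample negative list and the reading of "alphanumeric" as letters and digits with at least one of each are assumptions.

```python
import hashlib
import hmac
import re
from datetime import timedelta

# Thresholds from the slide; it describes all of them as configurable.
MIN_LEN, MAX_LEN = 6, 16
HISTORY_DEPTH = 6                          # previous n passwords, default 6
MIN_CHANGE_INTERVAL = timedelta(hours=24)
# Constructed sample negative list; the slide does not give the real one.
NEGATIVE_LIST = {"password1", "welcome1", "abc123", "qwerty12"}


def digest(password: str, salt: bytes) -> bytes:
    # Assumption: history holds salted PBKDF2 digests, never plaintext.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


def check_password_change(new_pw, salt, history, last_changed, now):
    """Return the names of violated rules; an empty list allows the change.

    history: digests of earlier passwords, newest last.
    last_changed: datetime of the previous change, or None for a first set.
    """
    errors = []
    if not MIN_LEN <= len(new_pw) <= MAX_LEN:
        errors.append("length")
    # Assumed reading of "alphanumeric": ASCII letters and digits only,
    # with at least one of each.
    if not (re.fullmatch(r"[A-Za-z0-9]+", new_pw)
            and re.search(r"[A-Za-z]", new_pw)
            and re.search(r"[0-9]", new_pw)):
        errors.append("alphanumeric")
    if new_pw.lower() in NEGATIVE_LIST:
        errors.append("negative_list")
    # The backreference matches any character immediately followed by itself.
    if re.search(r"(.)\1", new_pw):
        errors.append("repeated_char")
    candidate = digest(new_pw, salt)
    if any(hmac.compare_digest(candidate, old) for old in history[-HISTORY_DEPTH:]):
        errors.append("reuse")
    if last_changed is not None and now - last_changed < MIN_CHANGE_INTERVAL:
        errors.append("too_soon")
    return errors
```

Only the newest six history entries are compared, so a password older than that passes the reuse rule, which matches the "previous n passwords" wording.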
Dynamic Passwords & Challenge Response
- Something you Have i.e. Hand Held Hardware device
- Something you Know i.e. Corresponding PIN number, Challenge
- One-time use passwords, generated every time the user wants to log in

- Web Based, launched using a web browser
- Thick Client Based, launched using signed applet
- Menu Control
- Function Access

- Browser based single-point administration
- Audit Reports and Sensitive Event Logging
- Passwords for the registries used by the application like
Armor Components
Armor Backend
Comprises Java Services and the Oracle Repository, which holds access privileges and information of an application hosted on Armor. This component handles all administration requests generated from the web front end.

Armor Frontend
This is a web application that allows performing all administrative tasks like creating users, assigning entitlements, and generating and viewing reports.
Armor Toolkit
This is a plug-in adapter component containing APIs that enable Java applications to communicate with ARMOR for Authentication and Authorization.
Complete set of readily available Java & COM Security APIs for Developers
Features include:
- Security Authentication
- User Authorization
- User Info Services
- Password Management Services
- SSO Services
Armor Features
- Access Control List - Offers IP Address based restriction for users to strengthen Armor Native Authentication
- Forgot Password/Security Question - Facilitates a user driven Reset password feature (without the Admin user's intervention) whenever a user forgets his/her own password
- Password Rules - Password Rules are now configurable as per Customer's requirement through Regular Expressions
- Default Password - A default password can now be set automatically (combination of first 4 letters of User ID and Date of Birth (ddmmyyyy)) for a user at the time of user creation
Armor Features
- Zero Configuration (Native Authentication) - Armor binaries will be provided with default configurations and intelligent modules to read the environment specific configurations required and auto configure themselves for deployment
- Securing Users' Login Credentials - For every authentication request raised from the client end, identified sensitive information (password) shall go through a cryptographic routine to form an indecipherable string before being communicated through the network layer
- CSRF token implementation - Prevents Cross Site Request Forgery Attacks
Armor Features
- Password communication via Email - With the email flag enabled in Armor, any new user addition or password reset results in sending a random password to the mentioned email id of the user during the addition
- Idle/Forced Session Timeout - Automatic Idle/Forced Session timeout would now be centrally managed through configuration for all the applications launched through Armor
- Set Default field values for User Creation
- Excel upload utility for Entity Maintenance
Thank You