A l a d d i n. c o m eToken NG-OTP Combined PKI - OTP Authentication Solution November, 2008.
Transcript of A l a d d i n. c o m eToken NG-OTP Combined PKI - OTP Authentication Solution November, 2008.
a l a d d i n . c o m
© Copyright 2008 Aladdin Knowledge Systems Ltd. All rights reserved.
All trade and service marks, logos and trade names(collectively, the "Marks") mentioned herein, whether registered or
no, are proprietary to Aladdin, or other respective owners who have granted Aladdin the right and license to use such
Marks and are subject to trademark rights of Aladdin.
The information contained in this presentation is protected by international copyright laws. The copyrights are
owned by Aladdin or the original creator of the material. The information contained herein is provided to you for
informational purposes only, and except and to the extent specifically permitted, no portion of this presentation
may be copied, reproduced (or the like), distributed or used in any way whatsoever whether directly or indirectly.
In addition to Aladdin’s trademarks, logos, content and information, this presentation may contain references to
trademarks and/or logos owned by other entities. Aladdin expressly disclaims any proprietary interest in trademarks
and/or logos owned by other entities and makes no representation of any association, sponsorship, affiliation, or
endorsement with or by the owners of such trademarks and/or logos.
This presentation may contain references and use of third party web sites for purposes of providing examples relevant
to this course. Aladdin assumes no responsibility and/or liability for any content and/or information contained in such
third party web sites. Aladdin further does not endorse the companies or contents of any referenced sites.
Aladdin does not assume any responsibility or liability for the accuracy of the information contained in this presentation.
The information contained in this presentation is provided "as is" and does not constitute a warranty of any kind, either
express or implied. Aladdin disclaims all warranties, expressed or implied, including but not limited to implied
warranties of merchantability, fitness for a particular purpose, and non-infringement.
Legal Notice
a l a d d i n . c o m
Topics Covered in This Presentation
• The Need
• The eToken NG-OTP solution
• Use cases
• Features
• The Java card platform
• eToken NG-OTP Key Selling Points
• The eToken mix of authenticators
• Aladdin Authentication
a l a d d i n . c o m
The Need
• In today’s digital environment, numerous user devices are available for a variety of functions in different environments:– Strong Authentication
– Digital Signing
– Physical Access
• Use of multiple devices creates security and manageability challenges for organizations and users
The need: a single device providingmultiple capabilities
a l a d d i n . c o m
The Solution: eToken NG-OTP
Hybrid device solution
• Offers secure strong user authentication using PKI or one-time passwords (OTP)
• Enables strong authentication either with or without client software and USB connectivity
• Superb manageability with eToken TMS (Token Management System)
• Roadmap: Dec. 2008Integrated with SafeWord 2008
a l a d d i n . c o m
PKI – OTP Combination
PKI Authentication
Highly secured smartcard based authentication
• Strong two-factor authentication
• The token uses a smart card to securely store user’s private key
• Full PKI functionality including VPN connection and digital signatures
OTP Authentication
Secure and accessible authentication from anywhere
• Strong two-factor authentication
• The token generates random passwords –impossible to guess
• Each password can be used only once
a l a d d i n . c o m
Common use cases
• In the office– An employee can access the organization’s network
while in the office by connecting the eToken to his computer’s USB port
• On the road– When the employee is out of the office, he may use
the same token to securely access the network via a VPN connection, with a one-time password, even from a public computer
a l a d d i n . c o m
Introducing the Java Card Platform
• A better and more flexible offering than ever before
The Java devices:
• Dedicated eToken applet conforming to the industry standard Java platform
• Enable loading of additional applets for custom applications
Much greater control and versatility in adjusting to our customers’ future needs
a l a d d i n . c o m
Why is Java better?
1. Price reduction - More for less money
2. Device Certifications - FIPS 140-2 Level 2,3, and 4; and, Common Criteria (CC) certification
3. More Memory 72K – more than existing 32K and 64K models
4. Customers Can Do More with Each Token - More flexible and extendable platform to load custom Java applets
5. Caters to unique customer’s needs, and give added value - Adaptation to Russian Gost certification, Korean seed
6. Enhanced Microsoft Support - Supports Microsoft CCID interface; Plug & Play user experience with Windows XP SP2 and up, requiring only the eToken Minidriver
7. Highly Secured and Standardized - Java Virtual Machine fully compatible with the Sun Java Card standard
8. Flexibility to Develop and Load Applets - Using eToken Java Card SDK
a l a d d i n . c o m
eToken NG-OTP 72K (Java) Features
• New! Java smartcard• USB token with OTP function (LCD display, battery & OTP generation button)• Replaceable battery with low battery indicator• Smart card support for RSA 1024- and 2048-bit keys, Triple DES, SHA1• Support for the OATH OTP protocol• Standard Support for CAPI, PKCS#11 and RADIUS OTP• Fully compatible with eToken PRO technology• Secure implementation using smartcard chip for PKI and OTP operations• Robust plug-and-play USB connectivity• Modular OTP algorithm support• Strong two-factor authentication: requires both token and token password• Non-repudiation using advanced on-board PKI digital signing technology• Integrated secure logical and physical access option
a l a d d i n . c o m
eToken NG-OTP Key Selling Points
Flexible and versatile solution: PKI, OTP, secure credential storage
Enhances business with secure anytime, anywhere connectivity
Enhances security with strong two-factor authentication
Cost effective convenience – a mix of devices in one to best meets your requirements with lower TCO
Enables future extension of the authentication solution– A variety of eToken security solutions is available, e.g. password
management, PC security, and more
a l a d d i n . c o m
eToken Authenticators - The Best Mix for You
eToken NG-OTP is part of an extensive range of authenticators:• eToken NG-OTP• eToken PRO• eToken PRO Smartcard• eToken NG-FLASH• eToken PASS• eToken PRO Anywhere*
*CA Release
a l a d d i n . c o m
Leader in USB-based and OTP strong authentication
Enables organizations to easily and effectively• Expand business opportunities with secure network
access• Improve data security through encryption and
digital signing• Reduce costs and vulnerabilities with superior
password management
Aladdin Authentication