Intellect Armor Presentation.ppt


Transcript of Intellect Armor Presentation.ppt

Page 1: Intellect Armor Presentation.ppt

Intellect Armor

COPYRIGHT NOTICE

Copyright © 2011 Polaris Software Lab Limited

All rights reserved. These materials are confidential and proprietary to Polaris and no part of these materials should be reproduced, published in any form by any means, electronic or mechanical including photocopy or any information storage or retrieval system nor should the materials be disclosed to third parties without the express written authorization of Polaris Software Lab Limited.

Page 2: Intellect Armor Presentation.ppt

© Copyright Polaris Software Lab Limited, 2011

Index Slide

Contents

• Facts
• Armor Solution
• Armor Architecture
• Armor Features

Page 3: Intellect Armor Presentation.ppt

Facts

• The average employee
  • accesses 5 to 30 password-protected applications as a part of his/her job
  • spends as much as 44 hours per year performing multiple login tasks to access 4 applications
• More than 25% of Helpdesk costs are password related (Gartner)
• Businesses spend an average of $200 per user each year on password management (Forrester)

Page 4: Intellect Armor Presentation.ppt

Armor Solution

ARMOR is an integrated suite of Security Services to provide end-to-end security with minimal effort and low costs. ARMOR provides an enterprise-wide system for User Authentication and Profiling, and enables centralized administration and easy implementation of corporate security policies.

• Enterprise-wide SSO
  • Web/J2EE applications
  • Thick client applications
  • Host based applications
  • Third party tools
• Multiple Authentication Mechanisms
  • Static Password
  • Dynamic Password
  • Challenge Response
• Multi-level Access control
  • Application access
  • Menu control
  • Functional Access
• Single Point Administration
  • Comprehensive suite to define and manage Entities
  • Audit Logs, Security Reports
• Multi-lingual support (UTF-8)

Page 5: Intellect Armor Presentation.ppt

ARMOR Architecture

Page 6: Intellect Armor Presentation.ppt

Single Sign On

• Browser based Thin-Client shell
• Available for
  • Any technology - Windows, Unix, Linux
  • Any architecture - Three-tier, Two-tier, Browser-based, Host-based
  • Any application - Developed in-house
• Applications may be of the type Web based or Desktop

Page 7: Intellect Armor Presentation.ppt

Multiple Authentication Mechanisms

• Verification of the identity of a user, typically by User IDs and passwords
• Armor Supports Strong Authentication mechanisms
  • Configurable Static Passwords
  • Dynamic Password Tokens
  • Challenge-Response Password Tokens
• Works with third party authentication providers, such as Siteminder, RSA, MS-AD (LDAP), Safeword, Blackshield, VASCO, WebSeal

Page 8: Intellect Armor Presentation.ppt

Password Policies

Security Policy ensures security standards:

• Allows user initiated password change
• Forced Password Change once every 45 (configurable) days
• ID is disabled after 6 (configurable) consecutive unsuccessful attempts
• ID is disabled if not in use for 60 (configurable) days
• ID is closed if not in use for 90 (configurable) days

Page 9: Intellect Armor Presentation.ppt

Password Policies

Password Policy restrictions can be set and define corporate standards:

• Allowed length is configurable (min 6, max 16)
• Should be alphanumeric
• Checked against negative list of common passwords (Configurable)
• 2 consecutive characters cannot be same
• Reuse restriction on previous ‘n’ passwords (configurable, default 6)
• Cannot be changed twice within a (configurable) 24 hr period
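The password policy rules on this slide, written out as a checker. This is an added example, not Armor code or its API: every name, the sample negative list, the reading of "alphanumeric" as letters and digits only with at least one of each, and the salted PBKDF2 password history are assumptions.

```python
import hashlib, hmac, os, re
from datetime import datetime, timedelta

# Defaults taken from the slide's numbers; all names are hypothetical.
MIN_LEN, MAX_LEN = 6, 16
HISTORY_DEPTH = 6
MIN_CHANGE_INTERVAL = timedelta(hours=24)
NEGATIVE_LIST = {"password1", "welcome1", "abc123", "qwerty1"}  # constructed sample

def _digest(password: str, salt: bytes) -> bytes:
    # Salted PBKDF2 so the history never holds plaintext passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)

def history_entry(password: str) -> tuple[bytes, bytes]:
    """Build the (salt, digest) record stored after a successful change."""
    salt = os.urandom(16)
    return salt, _digest(password, salt)

def check_password(candidate, history, last_changed, now):
    """Return the list of violated rules; an empty list means accepted.

    history: (salt, digest) tuples, newest last.
    last_changed: datetime of the previous change, or None for a first password.
    """
    errors = []
    if not MIN_LEN <= len(candidate) <= MAX_LEN:
        errors.append("length")
    # Assumed reading of "alphanumeric": only letters/digits, one of each.
    if not re.fullmatch(r"(?=.*[A-Za-z])(?=.*\d)[A-Za-z\d]+", candidate):
        errors.append("alphanumeric")
    # Case-insensitive match against the negative list (an assumption).
    if candidate.lower() in NEGATIVE_LIST:
        errors.append("negative-list")
    # Two consecutive identical characters are not allowed.
    if re.search(r"(.)\1", candidate):
        errors.append("repeated-character")
    # Compare against the last HISTORY_DEPTH stored digests only.
    for salt, digest in history[-HISTORY_DEPTH:]:
        if hmac.compare_digest(_digest(candidate, salt), digest):
            errors.append("reuse")
            break
    if last_changed is not None and now - last_changed < MIN_CHANGE_INTERVAL:
        errors.append("changed-too-recently")
    return errors
```
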

Page 10: Intellect Armor Presentation.ppt

Two Factor Authentication

• Intellect Armor currently interfaces with SafeWord, Vasco and RSA to support Two factor Authentication
• Dynamic Passwords & Challenge Response
  • Something you Have i.e. Hand Held Hardware device
  • Something you Know i.e. Corresponding PIN number, Challenge
• One-time use passwords, generated every time the user wants to log in

Page 11: Intellect Armor Presentation.ppt

Multilevel Access Control

• Defines what a User can do in an application
• Application Access Control
  • Web Based, launched using a web browser
  • Thick Client Based, launched using signed applet
• Access Control Within Application
  • Menu Control
  • Function Access

Page 12: Intellect Armor Presentation.ppt

Single Point Administration

• Browser based single-point administration
• Audit Reports and Sensitive Event Logging
• Passwords for the registries used by the application like
  • Relational databases (Oracle)
  • Unix hosts
  • Application Server console

Page 13: Intellect Armor Presentation.ppt

Armor Components

Armor Backend

Comprises Java Services and the Oracle Repository, which holds access privileges and information of an application hosted on Armor. This component handles all administration requests generated from the web front end.

Armor Frontend

This is a web application that allows performing all administrative tasks like creating users, assigning entitlements, and generating and viewing reports.

Armor Toolkit

This is a plug-in adapter component containing APIs that enable Java applications to communicate with ARMOR for Authentication and Authorization.

Page 14: Intellect Armor Presentation.ppt

Ready to Use Security APIs

• Complete set of readily available Java & COM Security APIs for Developers
• Features include
  • Security Authentication
  • User Authorization
  • User Info Services
  • Password Management Services
  • SSO Services

Page 15: Intellect Armor Presentation.ppt

Armor Features

• Access Control List - Offers IP Address based restriction for users to strengthen Armor Native Authentication
• Forgot Password/Security Question – Facilitates user driven Reset password feature (without the Admin user's intervention) whenever user forgets his/her own password
• Password Rules - Password Rules are now configurable as per Customer's requirement through Regular Expressions
• Default Password - Default password can now be set (combination of first 4 letters of User ID and Date of Birth (ddmmyyyy)) for a user at the time of user creation automatically

Page 16: Intellect Armor Presentation.ppt

Armor Features

• Zero Configuration (Native Authentication) - Armor binaries will be provided with default configurations and intelligent modules to read environment specific configurations required and auto configure themselves for deployment
• Securing User’s Login Credentials - For every authentication request raised from the client end, identified sensitive information (password) shall go through a cryptographic routine to form an indecipherable string before being communicated through network layer
• CSRF token implementation - Prevents Cross Site Request Forgery Attacks

Page 17: Intellect Armor Presentation.ppt

Armor Features

• Password communication via Email - With the email flag enabled in Armor any new user addition or password reset results in sending a random password to the mentioned email id of the user during the addition
• Idle/Forced Session Timeout - Automatic Idle/Forced Session timeout would now be centrally managed through configuration for all the applications launched through Armor
• Set Default field values for User Creation
• Excel upload utility for Entity Maintenance

Page 18: Intellect Armor Presentation.ppt

Thank You