Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Single Sign On with USB Tokens

from [Luis Lopez Sanchez] Network Security [Permanent Link]
Subject: RE: Single Sign On with USB Tokens
Date: Thu, 29 Sep 2005 11:40:05 +0200 


Hi list,
 
The solution that Rodrigo have said for IE named Web Sign-On (WSO) is not an 
aunthentic SSO, simply is a way to manage identities via smart chip into 
Aladdin Security Token assign an user/password to each http form identifying 
the form and URL
 
The SSO is possible with eToken PRO from Aladdin, IMHO is a good choice, but 
you must think in crytoflex from Schlumberger SmartCards Division (Axalto now!) 
is an historic reference, and others like ActiveCard for instance.
 
At time to make an election, you must to think in the USB security token 
integration possibilities, it must be able to integrated with other 
crypto-aplication such as PGP Enterprise, Entrust modules, Utimaco natively or 
via PKCS#11.
 
Is very important to make a good choose, assure that the Cryptographic Service 
Provider (or CSP) is supported natively from your Certification Authority (or 
CA).
 
Beside is important known the key type and its lenght, for example, in the 
Aladdin eToken PRO only accept RSA Keys with a lenght of 1024.
 
Is possible integrate eToken PRO in a GNU/Linux enviroment, SUN Solaris, *BSD 
... Cisco Systems have choosen this solution too to two factor authentication 
to upgrade IOS and console authentication recently.
 
Please, visit the M.U.S.C.L.E for more info and diferent drivers for SC (there 
are a lot of them):
 
http://www.musclecard.com/drivers.html
 
Regards,
 
--
Luislo

        -----Mensaje original-----
        De: Rodrigo Blanco [mailto:rodrigo.blanco.r@gmail.com] 
        Enviado el: mià 28/09/2005 19:54 
        Para: Carlos Andres Rodriguez C. 
        CC: security-basics@securityfocus.com 
        Asunto: Re: Single Sign On with USB Tokens
        
        

        eToken from Aladdin will do web SSO on IExplorer (Windows only, I 
think).
        
        On 9/26/05, Carlos Andres Rodriguez C. <carlosarodriguezc@gmail.com> 
wrote:
        > Hi,
        >
        > I'm looking for a Single Sign On (SSO) solution based on USB tokens 
that
        > works with multiplatform environments.... Does anyone here in the list
        > know about any vendors who offers these kind of products?
        >
        > Thanks
        >
        > Carlos AndrÃs RodrÃguez C.
        > CISSP, BS7799-2 Lead Auditor
        >
        >
        >
        
        


------------------------------------------------------------------
This e-mail and the documents attached are confidential and intended solely
for the addressee; it may also be privileged. If you receive this e-mail
in error, please notify the sender immediately and destroy it.
As its integrity cannot be secured on the Internet, the Atos Origin group
liability cannot be triggered for the message content. Although the
sender endeavours to maintain a computer virus-free network, the sender does
not warrant that this transmission is virus-free and will not be liable for
any damages resulting from any virus transmitted.

Este mensaje y los ficheros adjuntos pueden contener informacion
confidencial destinada solamente a la(s) persona(s) mencionadas
anteriormente. Pueden estar protegidos por secreto profesional Si usted
recibe este correo electronico por error, gracias de informar inmediatamente
al remitente y destruir el mensaje.
Al no estar asegurada la integridad de este mensaje sobre la red, Atos
Origin no se hace responsable por su contenido. Su contenido no constituye
ningun compromiso para el grupo Atos Origin, salvo ratificacion escrita por
ambas partes.
Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor
no puede garantizar nada al respecto y no sera responsable de cualesquiera
danos que puedan resultar de una transmision de virus
------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Hard Drive Intergrety Status, dave kleiman
Next by Date:  RE: New Job., McKinley, Jackson
Previous by Thread:  RE: Single Sign On with USB Tokens, Manuel de Miguel Moreno
Next by Thread:  Windows Vista current flaws, Jon Lawhead
Indexes:  [Date] [Thread] [Top] [All Lists]