Presentation is loading. Please wait.

Presentation is loading. Please wait.

Securing the Net: Web Authentication Using SecureLogin

Published byEmily Esther Whitehead Modified over 5 years ago

Similar presentations

Presentation on theme: "Securing the Net: Web Authentication Using SecureLogin"— Presentation transcript:

1 Securing the Net: Web Authentication Using SecureLogin
Novell BrainShare 2002 Securing the Net: Web Authentication Using SecureLogin Keith Lewis Consultant Novell, Inc. Tony Merritt Engagement Partner TUT244—Securing the Net: Web Authentication Using SecureLogin

2 The Password Crisis: Typical User
Tony, the typical end user, has run out of sticky notes He must fly to 3M headquarters in Northridge, CA He must rent a car and a hotel while his order is processed He must ship the order back by FedEx If he cannot complete his mission, no one will be prepared for the upcoming, mandatory password change Will he make it??

3 The User’s Password Crisis Defined
Growing number of passwords Stringent security requirements Complex Internet applications using Java, Frames, and CGI Scripting End users are not always at the office desktop, so access to sticky notes may be limited Proliferation of shared desktops—browser-remembered passwords will not work

4 Management’s Password Crisis Defined
Growing number of applications to support Corporate standards require customization of solution Difficult to introduce or enforce username and password policies Help desk must be able to manage solution Corporate cost of sticky notes

5 Password Crisis Studies
Novell BrainShare 2002 Password Crisis Studies Help desk reset costs (hard costs) Gartner—$ per user per year Large customer—$35 per reset Password reset account for 25-40% of help desk calls 70-80% of these calls are forgotten passwords Productivity increases (soft costs) 25-45 hours a year logging on per user 14-22 hours with Single Sign-On TUT244—Securing the Net: Web Authentication Using SecureLogin

6 The Password Crisis: Smart User
Keith, the smart user, does not need sticky notes He gracefully enters one password for all systems he needs to work with He books travel to Florida for a vacation with the bonus he received from saving the company money on sticky notes He is able to book a car, hotel, airfare, and verify that he has enough time off with one login How did he do that??

7 SecureLogin User Features
Provides a single password experience for the user Provides biometrics support and graded authentication for additional security and ease of use Helps provide a consistent user interface for password changes, warnings, errors, corporate messages, etc. Provides support for Internet applications using Java, Frames, and CGI Scripting Stores encrypted passwords in Novell eDirectory™, allowing the end user roaming access to Single Sign-on capability Since passwords are in eDirectory, NOT in the browser, a typical desktop upgrade will NOT put the user out of work for several days

8 SecureLogin Management Features
Uses the Novell SecretStore® technology to secure credentials Provides a robust scripting language to simplify user experience and requires minimal training Uses Novell ConsoleOne® and eDirectory to ease the distribution and management of scripts into the corporate environment Eases the introduction of new or the enforcing of existing password policies Provides a common solution for different access methods including desktop with thick client, thin clients, web-based, kiosk-based, etc.

9 Enabling a Web Application: Profiling
Initial authentication when no credentials exist Authentication once credentials have been set Authentication with incorrect password Changing the password

10

11 Enabling a Web Application: Flow
Identify the URL that presents Internet page with the login dialog boxes Determine functionality built into the Internet page Determine if a username or password policy is needed Identify the URL or text that indicates a successful login as well as a failed one Determine if solution will require Novell Modular Authentication Services (NMAS™), statistics, or logging

12

13

14 Enabling a Web Application: Configuring
There are three different mechanisms for configuring applications Invoking the wizard on SecureLogin console Auto-capture on login by wizard Manually adding the application and script

15 SecureLogin Application Wizard

16 SecureLogin Application Wizard (cont.)

17 SecureLogin Auto Capture Wizard

18 SecureLogin Auto Capture Wizard (cont.)

19 Manually Adding the Application and Script

20 Sample SecureLogin Script
Dialog Title "Enter Network Password" Ctrl "#1218" Ctrl "#1219" ctrl #1041 EndDialog Setplat "novell" readtext #1041 ?website if ?website eq "mail.myrealbox.com" displayvariables else endscript endif Type "$Username"#1218 Type "$Password"#1219 Click #1

21 Vision…one Net Mission
A world where networks of all types—corporate and public, intranets, extranets, and the Internet—work together as one Net and securely connect employees, customers, suppliers, and partners across organizational boundaries Mission To solve complex business and technical challenges with Net business solutions that enable people, processes, and systems to work together and our customers to profit from the opportunities of a networked world

22

23 wiN big Access and Security table one Net solutions lab visit the
in the to obtain an entry form

24

Download ppt "Securing the Net: Web Authentication Using SecureLogin"

Similar presentations

automated single login access to Novell storage resources

automated single login access to Novell storage resources
Omni eControl. New Features in Version 2.x - Manage Mixed Networks: eDirectory, Active Directory, GroupWise, Exchange eControl Version 2.0 New Features.

Omni eControl. New Features in Version 2.x - Manage Mixed Networks: eDirectory, Active Directory, GroupWise, Exchange eControl Version 2.0 New Features.
Chapter Five Users, Groups, Profiles, and Policies.

Chapter Five Users, Groups, Profiles, and Policies.
WEB CONNECT FOR EASYNVR : 2015. WEB CONNECT INCREASES YOUR PROFITABILITY BY REDUCING INSTALLATION LABOR COSTS WHILE SIMULTANEOUSLY CREATING NEW REVENUE.

WEB CONNECT FOR EASYNVR : WEB CONNECT INCREASES YOUR PROFITABILITY BY REDUCING INSTALLATION LABOR COSTS WHILE SIMULTANEOUSLY CREATING NEW REVENUE.
Novell eDirectory™ Deployment at Hydro Quebec Richard Cabana Enterprise Technology Account Manager Novell Canada Ltd.

Novell eDirectory™ Deployment at Hydro Quebec Richard Cabana Enterprise Technology Account Manager Novell Canada Ltd.
15.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 15: Configuring a Windows.

15.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 15: Configuring a Windows.
Novell iChain ® 2.x Configuration Using the Web Server Accelerator Wizard Cary Andrews Senior Software Engineer Novell, Inc.

Novell iChain ® 2.x Configuration Using the Web Server Accelerator Wizard Cary Andrews Senior Software Engineer Novell, Inc.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
Securing Your GroupWise ® System Morris Blackham Software Engineer Novell, Inc. Danita Zanrè Senior Consultant Caledonia.

Securing Your GroupWise ® System Morris Blackham Software Engineer Novell, Inc. Danita Zanrè Senior Consultant Caledonia.
Microsoft Windows 2003 Server. Client/Server Environment Many client computers connect to a server.

Microsoft Windows 2003 Server. Client/Server Environment Many client computers connect to a server.
Upgrading to Novell ® SecureLogin 3.5 Rod Tietjen,

Upgrading to Novell ® SecureLogin 3.5 Rod Tietjen,
Classroom User Training June 29, 2005 Presented by:

Classroom User Training June 29, 2005 Presented by:
1 Guide to Novell NetWare 6.0 Network Administration Chapter 13.

1 Guide to Novell NetWare 6.0 Network Administration Chapter 13.
6.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 6: Administering User Accounts.

6.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 6: Administering User Accounts.
5.1 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Goals 

5.1 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam Microsoft® Windows® 2000 Directory Services Infrastructure Goals 
Log on to Digital Locker Website You should be able to log on using Internet Explorer browser at the campus. You may need to log in using Mozilla FireFox.

Log on to Digital Locker Website You should be able to log on using Internet Explorer browser at the campus. You may need to log in using Mozilla FireFox.
Using Novell iChain ® 2 to Deliver Internal Network Access without a VPN Brian Six Technical Account Manager Novell, Inc.

Using Novell iChain ® 2 to Deliver Internal Network Access without a VPN Brian Six Technical Account Manager Novell, Inc.
Security Planning and Administrative Delegation Lesson 6.

Security Planning and Administrative Delegation Lesson 6.
Novell iManager Introduction and Overview James Whitchurch Director—Software Engineering Novell, Inc. Karl Ford Engineering.

Novell iManager Introduction and Overview James Whitchurch Director—Software Engineering Novell, Inc. Karl Ford Engineering.
iChain ® 2.1: Introduction and Overview Lee Howarth Product Manager Novell, Inc.

iChain ® 2.1: Introduction and Overview Lee Howarth Product Manager Novell, Inc.

Similar presentations

Ads by Google