Presentation is loading. Please wait.

Presentation is loading. Please wait.

Our Mission: to secure these applications Against…  Direct observation of the login process  Network snoopers  Tailgating proxy  Keystroke logging.

Published byEdward Andrews Modified over 8 years ago

Similar presentations

Presentation on theme: "Our Mission: to secure these applications Against…  Direct observation of the login process  Network snoopers  Tailgating proxy  Keystroke logging."— Presentation transcript:

1

2

3 Our Mission: to secure these applications

4 Against…  Direct observation of the login process  Network snoopers  Tailgating proxy  Keystroke logging malware  Man-in-the-middle attacks  Frame buffer readers  The Enemy Within

5

6 Caused By…

7 and…

8 The Solution

9 The means The user enters the digits corresponding to a secret Keyword. If the Keyword is ‘Fred’ the user enters ‘1101’. Each login features a different set of random numbers, so the matrix solution is different each time.

10 The Products  1. Forticode Enterprise  2. Forticode Authentication Engine with Diffie- Hellman Public Key Encryption  3. Forticode Bulletproof Authentication Engine with D-H Public Key Exchange and in-memory Database  4. Forticode Machine-to-Machine Authentication Engine with Diffie-Hellman Public Key Encryption * Products 2, 3 and 4 require the client to write an interface, for which Forticode supplies a template. * Product 1 is self-contained, with an Oracle/Informix database, needs no interface, and is installed for trial at www.designsim.com.au

11 Forticode Enterprise  Web-based CGI with dynamic HTML pages  Integrated AES256 Encrypted Oracle, DB2 or Informix Database  Suitable for up to 20 million users, possibly unsuitable for credit card applications, because migration or sync would be needed with client’s DB  70 integrated graphical account administration pages, CSS programmable  Optional XML account administration interface  Composite bitmap matrix display, proof against screen scrapers or key loggers  Optional QR matrix display  Optional selectable image sets for matrix  SHA256 matrix solution submission

12 The Enterprise admin functions

13 Forticode Authentication Engine with Public Key Encryption  Unix TCP/IP daemon with fork-on-connect  Uncrackable Diffie-Hellman public key exchange  New public key with each connection  Extremely fast authentication  Unlimited number of users  Specifically designed for credit card applications  No database for hackers to steal  No graphics. All communication is in XML framework  AES256 private key encrypted credentials  AES256 private key encrypted matrix and matrix solution

14 Forticode Bulletproof Authentication Engine With In-memory Database  Unix TCP/IP daemon with fork-on-connect  Uncrackable Diffie-Hellman public key exchange  New public key with each connection  Fast authentication  Number of users limited to ~5 million, therefore unsuitable for credit card applications  In-memory database only contains uncrackable SHA256 hashes of credentials. The Enemy Within has nothing to steal  No graphics. All communication is in XML framework  AES256 private key encrypted matrix and matrix solution

15 Forticode Machine-to-Machine Authentication Engine  Unix TCP/IP daemon with fork-on-connect  Uncrackable Diffie-Hellman public key exchange  New public key with each connection  Extremely fast authentication  Unlimited number of client machines  No database for hackers to steal  No graphics. All communication is in XML framework  AES256 private key encrypted credentials  AES256 private key encrypted matrix and matrix solution

16 Templates for Interfaces  Forticode Enterprise Not required, unless XML communication is selected  Authentication Engine with Public Key Encryption Implements Diffie-Hellman public key exchange, AES256 encryption, and XML communications  Bulletproof Auth Engine with Public Key Encryption and in-Memory Database Implements Diffie-Hellman public key exchange, AES 256 encryption, SHA256 hash for credentials in database and XML communications.

Download ppt "Our Mission: to secure these applications Against…  Direct observation of the login process  Network snoopers  Tailgating proxy  Keystroke logging."

Similar presentations

Caltech Proprietary Videoconferencing Security in VRVS 3.0 and Future Videoconferencing Security in VRVS 3.0 and Future Kun Wei California Institute of.

Caltech Proprietary Videoconferencing Security in VRVS 3.0 and Future Videoconferencing Security in VRVS 3.0 and Future Kun Wei California Institute of.
Chapter 20 Oracle Secure Backup.

Chapter 20 Oracle Secure Backup.
Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.

Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.
Chapter 17: WEB COMPONENTS

Chapter 17: WEB COMPONENTS
Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software.

Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software.
Netscape Application Server Application Server for Business-Critical Applications Presented By : Khalid Ahmed DS 520 - Fall 98.

Netscape Application Server Application Server for Business-Critical Applications Presented By : Khalid Ahmed DS Fall 98.
Compliance on Demand. Introduction ComplianceKeeper is a web-based Licensing and Learning Management System (LLMS), that allows users to manage all Company,

Compliance on Demand. Introduction ComplianceKeeper is a web-based Licensing and Learning Management System (LLMS), that allows users to manage all Company,
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
A Security Pattern for a Virtual Private Network Ajoy Kumar and Eduardo B. Fernandez Dept. of Computer Science and Eng. Florida Atlantic University Boca.

A Security Pattern for a Virtual Private Network Ajoy Kumar and Eduardo B. Fernandez Dept. of Computer Science and Eng. Florida Atlantic University Boca.
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
Chapter 12 USING TECHNOLOGY TO ENHANCE BUSINESS PROCESSES.

Chapter 12 USING TECHNOLOGY TO ENHANCE BUSINESS PROCESSES.
ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.

ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.
Teamcenter™ Security Services SSO

Teamcenter™ Security Services SSO
Chapter 12 USING TECHNOLOGY TO ENHANCE BUSINESS PROCESSES.

Chapter 12 USING TECHNOLOGY TO ENHANCE BUSINESS PROCESSES.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.
VMware vCenter Server Module 4.

VMware vCenter Server Module 4.
Web-based Document Management System By Group 3 Xinyi Dong Matthew Downs Joshua Ferguson Sriram Gopinath Sayan Kole.

Web-based Document Management System By Group 3 Xinyi Dong Matthew Downs Joshua Ferguson Sriram Gopinath Sayan Kole.
SSH Secure Login Connections over the Internet

SSH Secure Login Connections over the Internet
Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.

Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.
IDENTITY MANAGEMENT Hoang Huu Hanh (PhD), OST – Hue University hanh-at-hueuni.edu.vn.

IDENTITY MANAGEMENT Hoang Huu Hanh (PhD), OST – Hue University hanh-at-hueuni.edu.vn.

Similar presentations

Ads by Google