DAS

ST Electronics (Info-Security) Pte Ltd.

Description

DigiSAFE Authentication Server – DAS

Within today’s Internet environment, cyber threats has become a prominent issue especially in enterprises that offers online application and e-services. Access control with a simple ID and password is no longer sufficient in face of all these threats. These credentials can be easily hacked and obtained through phishing, key loggers, social engineering, Trojan Horses, etc.

To enforce and protect the interests of enterprises and their users, a second-factor authentication (2FA) is introduced. This system allows a second layer of authentication via hardware token or mobile code.

Different layer of security may require different kind of transaction depending on the sensitivity. This system offers 3 types of 2FA for the different requirements of each enterprise; normal One-Time Password (OTP); Challenge Response and Transaction Signing.

DigiSAFE authentication server is designed to meet government and financial institutes’ stringent security and availability specifications. It has been deployed and is currently providing 2FA for various web portals, VPNs, operation system, logins, network devices and emails in government, financial institutes and online healthcare services.

Key Features

Ease of Integration

DAS integrates seamlessly with an array of devices and application, such as VPN 2FA login and windows 2FA login. Its suite of APIs supports different programming languages. It supports integration with existing enterprise IT systems.

Management of Different Security Level

DAS provides different concept of authentication methods (simple OTP, Challenge Response, or Transaction Signing) Purpose to allow Enterprise to balance between system usability and security requirement, based on sensitivity of transactions.

Support Multiple Authentication Mechanisms

DAS supports industry standard 2FA hardware token, software token, and SMS OTP.

Simplify Management and Report Generation

DAS simplifies the operation through a self-service and user-friendly management dash board. It can generate various 2FA transaction reports, as well as searching specific transaction records.

Specifications

Specifications

Support for variety
of 2FA Tokens:
• OATH event (HOTP) based algorithm
• OATH OCRA – Challenge/Response and Transaction Signing algorithm
• TR29-compliant Token
• VASCO Token
SMS OTP support: • Generate and verify SMS OTP
• Integrate with SMS Gateway through HTTP(S) or SMTP protocol
End-to-end Encryption
Protocols:
• RSA 1024/2048
• PKCS#1 v1.5/v2
FIPS-Certified
Hardware Security Module (HSM):
Optional for built-in FIPS-certified Hardware Security Module (HSM)
Management portal: • Self-Service management portal
• Users management and devices provision
• Generate reports on user information and authentication history
• Query on authentication records
• System alert through email or SMS
High Availability: • RAID configuration within the applicance
• 2 or more DAS can be configured to operate in High Availability or Disaster Recovery mode
Physical Characteristics: • Height: 1 U / 2 U
• Redundant 460W / 750W hot-swappable Power Supply
Network Interface: Two Gigibit-Ethernet port stand

Use Case

DAS-2