
Utimaco

SafeGuard Easy

This solution currently does not support the latest revision of RSA SecurID
800 tokens, which is revision D.

RSA Secured Implementation Guide


Last Modified: January 22, 2009

Partner Information

Product Information
Partner Name: Utimaco Safeware AG
Web Site: www.utimaco.com
Product Name: SafeGuard© Easy
Version & Platform: 4.50.3
Product Description: SafeGuard© Easy is a sector-based hard disk encryption product combined with secure pre-boot user authentication. SafeGuard© Easy uses transparent encryption to protect the confidentiality of data that is stored on hard disks, floppy disks and removable media in a simple and effective manner. Different algorithms can be selected for encrypting different media, which include AES, Rijndael, XOR, STEALTH-40, IDEA, BLOWFISH, DES and 3DES. Pre-boot authentication can be performed either by user ID / password or optionally with a security token (2-factor authentication), such as the RSA SID800 token.
Product Category: Disk/File Encryption

Solution Summary

SafeGuard© Easy uses the RSA Security SID800 Token to perform a two-factor pre-boot authentication,
and to derive the disk (media) encryption key from data stored on the token.

For pre-boot authentication the token is accessed directly via low-level communication, without the use of
any RSA middleware. Low-level communication is achieved by the implementation of the following two
software components:

- A 16-bit real-mode CCID driver, built and supported by Utimaco, developed to support the “reader part” of the token.
- A Utimaco-developed interface to the SID800 “smartcard” that uses APDU (Application Protocol Data Unit) commands to access the private container applet.

Partner Integration Overview


RSA Certificate Manager Interoperability: n/a
Interoperable through RSA Authentication Client: Y
Interoperable through RSA Sign-On Manager: n/a
Pre-Boot Authentication: Y
If Pre-Boot, which tokens are supported? SID800

Product Configuration for Interoperability

Prerequisites
Interoperability between SGE 4.50.3 and the RSA SID800 is dependent on the successful application of
the SafeGuard Easy Token Add-On RP. Please contact Utimaco for details on obtaining this release
pack.

Installation of SGE 4.50.3 and RSA SID800 Support

Note: The following instructions are intended to prove interoperability
and do not suggest optimum configuration. Please contact Utimaco for
specific questions regarding enterprise deployment options.

Run the SafeGuard Easy setup program and use the following install options to allow users to authenticate with an
RSA SID800 authenticator.

1. Select Next.

2. Select “Partitioned Mode” and “Next”.

3. When prompted, restart the PC and run the Utimaco Configuration File Wizard.
4. Under “General”, change the Token Logon option to “RSA SID800 Token”.
5. Under “General”, set Password at system start (PBA) to “Yes”.

6. Under “Encryption” set accordingly. For testing and proofs of concept it’s recommended you leave these settings
“Not Configured”. They can be turned on once authentication is working correctly.

7. Leave user settings as is for now. You’ll be prompted for a password when you hit next. Enter the passwords for
the System and User. Remember both passwords.

8. Select Install. Restart the PC when prompted.

9. Open the Utimaco administration console via the Start Menu.

10. Add a new user and assign a password to the account.


11. Save and exit the SafeGuard Easy Administrator.

Pre-Boot Authentication Process
During the next logon, you will be prompted for the Token Password first and then for a username and
password. As this user is required to authenticate with a SecurID USB authenticator, you’ll see the
following take place:

The pre-boot application will ask you to provide the Token Password to unlock the SID800. The
application will then ask for the username and password used when setting up the account within
SafeGuard Easy Administration.

Subsequent logins will require that the user provide only the PIN to log on to the pre-boot environment,
provided the token is inserted into the USB port.

Certification Checklist for 3rd Party Applications

Date Tested: Friday, July 02, 2010


Product | Operating System | Tested Version
RSA SID800 | N/A | v1 & v2 (1.43)
RSA Authentication Client | Windows XP SP2 | 2.01 and 3.01
SafeGuard© Easy | Windows XP SP2 | 4.50.3
SafeGuard© Easy Token Add-on | Windows XP SP2 | 4.50.3

Pre-boot Authentication Result

SID800 (Combo Token)

DRP = Pass = Fail N/A = Non-Available Function
