ADVANCED INFORMATION

TECHNOLOGY SOLUTIONS _____

 

 

Home         Products         Methodologies         FREE Quote         Site Map          Advanced Search          Contact .

 

 Strategic Outsourcing             Scientific Solutions              Business Applications           Software Tools .

 

 Talk to a representative > .

AllTrans
Banking, Finance & Accounting
Energy
Healthcare Solutions
Mobile Phone Software
Stock Quotes for PocketPC
Security Solutions
Government
ERP Packages
Logistics
eBiz Solutions
Manufacturing
eLearning
Multimedia Solutions

In this section:

UP
Hide IP - Surf Anonymously
KasperskyLab® - Anti-Virus
Patrol
Hidden Eye
Information Protection
SafeLogin
Safe Message
Safe Work
Fingerprint Information System
Crypto Identity
Magic Secure
S4 Enterprise
Smartkey Plus +
Smartcard Pocket Reader
Web Identity
Free Spyware Scan

In this sub-section:

UP


Sample
User Interface Designs
 GUI's >>

Testimonial Laurent Favre, CEO


"We have been working with [ITC Software] for more than 2 years now. We started with contract basis work and finally came to ODC which is completely dedicated for our tasks. High team stability, good proficiency and efficient administration support are the factors which bring high value to our collaboration."  ..../more

Hedge Funds Optimizer >>

Climate Change >

> Decision Theory

 
 

 

Security Solutions  back | UP | next


WebIdentity is a hardware based device the size of a key which, when plugged into the USB port of a computer, allows you to uniquely identify and authenticate the user of a Web-based application and to set up protected and encrypted transactions with him over the Internet.

 How WebIdentity Works

The user will simply plug WebIdentity into the USB (Universal Serial Bus) port of the computer without going through any installation procedures at all.

The Server application will take care of setting up secure communications with the token in order to authenticate the user. User identification is carried out on the basis of information resident in the device and in combination with the user-supplied password (two factor authentication).

 When the Client has been identified and the user authorization checked, WebIdentity sends the custom, private information to the user, encrypting the content with the Blowfish 256 bit algorithm and the time variable key which is linked to the secret value in token.
The information can be either HTML pages, database information with web interfaces, forms, download areas etc. The transaction of this information over the web is encrypted both from the server to the Client and vice versa

 The Hardware And Software Components Of The System

The WebIdentity user authentication system is composed of hardware components, the device which will be associated with the various users of the Internet service, and software, the ActiveX and Plug-In modules which are needed for handling the security system. 

Hardware

The WebIdentity hardware device is, to all intents and purposes, a hardware key which has been developed for its security features as well as being equipped with an ASIC chip for the parallel port version and a purpose built chip for the USB interface version.

 The device has the following technical features: 
  • 8 Kbytes of writeable memory
  • Memory access code
  • Security: an ASIC circuit makes the simple cloning of the hardware key impossible
  • Automatic power supply: it doesn’t use internal batteries or an external power supply
  • Programmable: a double access code to information in the device is programmable by the service provider
  • Stackable: the USB key can be stacked together with up to 128 other peripheral devices; with the parallel interface version, 20 or more keys can be stacked on the same parallel port
  • Transparency: other peripheral devices can be piggy backed with the key on the same port (network adapters, SCASI adapters, portable hard disks etc.
  • Algorithmic queries: There are means of performing algorithmic type queries and not just those which return a static answer.
  • Identity code: each key is uniquely customized with a factory supplied identity code for every user.
  • Internal memory: 416 bytes of non volatile memory equipped with an access code composed of 16 + 16 bytes.

As stated previously, other features of the device are relative to the type of interface which can be either parallel or USB and are amongst the most standard available on the personal computers of the latest, past and future generations.

Another version of the device is under development and will be equipped with extra features in the area of internal writeable memory: in the new version this memory will be increased to 8KB. This will make WebIdentity perfectly intergratable with the new public key infrastructures and the implementation of electronic signatures.

Software Components

From a software point of view, a Software Development Kit (SDK) is supplied which has the purpose of determining the parameters in the device and returning them for insertion into the server database.

Moreover, the Software Development Kit includes the ActiveX Server modules necessary for the process of identifying the user as well as handling the transactions on the web, and the ActiveX and Plug-In client modules that interact with the ActiveX Server (either one or the other will be used depending on the browser being used on the client).

These are the main software components:

- Cabinet ActiveX Client (CAB)
- Cabinet ActiveX Server (CAB)
- Setup ActiveX Server (EXE)
- Setup Plug-In (EXE)

The SDK is also supplied complete with manuals and illustrated diagrams of the features of the functions included with WebIdentity.

Technical features:

- Complies with USB specifications (Universal Serial Bus)
- Unique serial code for each key
- Availability of a parallel interface version
- 8 bit, 12 MHz Risc microprocessor
- Pseudo Random Number Generator
- 16 Kbyte RAM available for applications
- Memory protected with a 16 + 16 byte double access code
- One-way Hash function MD5
- Blowfish 256 bit key length encryption algorithm

 

  Request a Quote 

ISO 9001:2000 certifiedHome    Site Map    About us      Meet the Team   FREE Quote    Legal    Investors   Contact

© 2002-2015  ITC Software. All rights reserved. Sponsor of Modalart Shipping Containers

Product and company names mentioned herein may be trademarks of their respective owners. info(at)itcsoftware.com
Follow itcsoftwarecom on Twitter  

vBulletin statistic
    


Recommend this page::