2 Factor Authentication Using RSA SecurID

This document discusses integrating RSA SecurID two-factor authentication with an application. It describes RSA SecurID components like tokens, authentication manager, and agents. It provides steps to generate and register tokens, and integrate authentication by prompting for username and token, then validating with the RSA agent. Estimates and alternatives like a gateway application are discussed, and the document provides contact information for any other questions.

2 FACTOR AUTHENTICATION USING RSA SECURID

RAGHAVENDRA MUNIRAMAIAH

TABLE OF CONTENTS

• What is RSA authentication?
• Components of RSA
• Integrate RSA tokens - with application
• Current use case
• Pre requisites
• Alternatives - Proposal
• Estimates/Timelines
• Q&A

WHAT IS RSA AUTHENTICATION?

• The RSA SecurID authentication mechanism consists of a "token" — either hardware
(e.g. a key fob) or software (a soft token) — which is assigned to a computer user
and which creates an authentication code at fixed intervals (usually 60 seconds)
using a built-in clock and the card's factory-encoded almost random key (known as
the "seed"). The seed is different for each token, and is loaded into the
corresponding RSA SecurID server (RSA Authentication Manager, formerly
ACE/Server) as the tokens are purchased. On-demand tokens are also available,
which provide a tokencode via email or SMS delivery, eliminating the need to
provision a token to the user.

COMPONENTS OF RSA

• RSA SecurID
• RSA Authentication Manager
• RSA Authentication Agent

INTEGRATE RSA TOKENS - WITH APPLICATION

• To generate RSA tokens, an RSA Agent should be installed in the respective environment (Windows, Unix, etc.)
where the web application is running, or on a centralised server that is accessible to both the client and the
web application server.
• Clients should register with the Agent by providing identity information: the device on which they want to
generate the token, the application/server they want to access, and their username and password. Once a client
is registered, the RSA agent generates a QR code and a link and sends them back to the registered user by either
email or SMS.
• Once the client installs the RSA SecurID app on their device and enters the QR code, a token can be seen in the
app, which refreshes every second.
• To integrate RSA authentication, the web application/website should first prompt for the username and RSA token
and validate them by invoking an API on the RSA agent. If authenticated, a success response (test.html) should
be returned to the client; otherwise an unauthorised message with an error code should be sent to the client.

CURRENT USE CASE

• www.scoriant.com/secure is the website that should authenticate with RSA SecurID.
• Modify the landing/home page, where the current flow is implemented, by
changing it or creating a new page that can prompt for the RSA token.
• Once the client enters the token with the username, invoke a REST API call to the RSA agent to
validate this token.
• On success, return test.html; otherwise return 401 – unauthorized.

PREREQUISITES

• The RSA Agent and RSA Authentication Manager should be installed on the server side
where the website is running.
• The current website should be capable of invoking REST web services.

ALTERNATIVES – NEW PROPOSALS

• If the current website is not capable of integrating with RSA Agents, we can
create a Java application which acts as a gateway for all requests to the
specified application. Also, RSA authentication can be separated out of the
existing application so that authentication happens only at the gateway server, which
reduces the load on the current application.

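The validation step from the current use case, placed in the gateway proposed above, as an added example (not code from this deck or from RSA). `validate` is a hypothetical callable standing in for the REST call to the RSA agent, whose API the slides do not show; the tokencode format and lockout values are assumptions, and `fake_agent` is a constructed stand-in so the block runs offline.

```python
import re
import time

TOKENCODE_RE = re.compile(r"[0-9]{6,8}")  # assumption: numeric tokencode, 6-8 digits
MAX_FAILURES = 5                          # assumption: failures allowed before lockout
LOCKOUT_SECONDS = 300                     # assumption: lockout duration

class AgentUnavailable(Exception):
    """The validator could not reach the RSA agent."""

class TokenGateway:
    def __init__(self, validate, clock=time.monotonic):
        self._validate = validate  # hypothetical callable wrapping the REST call
        self._clock = clock
        self._failures = {}        # user -> (count, time of last failure); in-memory only

    def _locked(self, user):
        count, last = self._failures.get(user, (0, 0.0))
        if count >= MAX_FAILURES and self._clock() - last >= LOCKOUT_SECONDS:
            self._failures.pop(user)          # lockout expired, start counting again
            return False
        return count >= MAX_FAILURES

    def _deny(self, user):
        count, _ = self._failures.get(user, (0, 0.0))
        self._failures[user] = (count + 1, self._clock())
        return 401, "unauthorized"

    def authenticate(self, username, tokencode):
        user = username.strip().lower() if isinstance(username, str) else ""
        if not user or self._locked(user):
            return 401, "unauthorized"        # same answer whether locked or wrong
        if not isinstance(tokencode, str) or not TOKENCODE_RE.fullmatch(tokencode):
            return self._deny(user)           # malformed input never reaches the agent
        try:
            accepted = self._validate(user, tokencode) is True
        except AgentUnavailable:
            return 401, "unauthorized"        # fail closed; outage is not a user failure
        if not accepted:
            return self._deny(user)
        self._failures.pop(user, None)
        return 200, "test.html"               # page the deck returns on success

def fake_agent(user, tokencode):
    # Constructed stand-in for the agent call: accepts one fixed pair.
    if user == "down":
        raise AgentUnavailable()
    return (user, tokencode) == ("alice", "123456")
```

The gateway returns the same 401 for a wrong tokencode, a locked account and an unreachable agent, so the response does not tell a caller which case occurred.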
ESTIMATES/TIMELINES

• The following decisions are needed from the vendor:
1. Since RSA is platform specific, the respective version of the agent has to be installed in our
environments, for example Windows, Linux and so on.
2. RSA is not open source; it comes at a certain cost.
3. If the current website does not support, or is not willing to integrate, RSA, a new Java application
should be created and all the URLs of the existing application should flow through this gateway.
4. Any other requirements?

Based on the decisions made on the above queries, I can estimate the effort and propose
timelines.

Q&A

• Please feel free to reach out to us on [email protected] or [email protected]