SafeSign Authentication Server
September 01, 2006
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Excellent authentication support; powerful protection
- Weaknesses: Complex to integrate
- Verdict: Excellent for protecting transactional systems, but requires plenty of time and training
While a lot of the other products tested cover secure authentication to your existing servers or network, Thales's SafeSign Authentication Server is a bit different. It's designed to add security and authentication to transactional-based applications, particularly financial ones, so it's of particular interest to those developing e-commerce applications.
Building SafeSign into an existing application requires using its APIs, which means that you'll have to plan and thoroughly test its deployment. Fortunately, Thales can provide training and integration help, so that you can write your applications to pass off authentication to the SafeSign Authentication Server.
The software can run on virtually any Java-supported operating system, from Windows to Linux. The fact that it uses Java, though, means you'll need developers who are proficient in this language or can work with the provided SOAP interface to integrate the server into your infrastructure.
Management of the system is through the Java-based management console, which can be used to oversee multiple authentication servers. Users can either be entered directly or imported from the usual range of common sources, including databases and LDAP servers.
The level of security applied to each user can be varied, and SafeSign supports an impressive array of authentication methods. At the bottom end are encrypted passwords, but support for tokens adds an additional layer.
We were provided a Xiring smart-card reader, which can be used with EMV smart cards including bank credit and debit cards to generate OTPs. Or, if you use the handheld Thales personal security module, you can generate authentication codes for transaction-based applications.
Public key infrastructure is often time consuming and processor-intensive for servers, so Thales also offers a SafeSign CryptoModule appliance, which lets you offload DES, 3DES, SSL, RSA and M^D5 functions from the server.
Thales' SafeSign server provides a strong authentication and verification service, with a lot of flexibility. However, it is complex to use and has to be carefully integrated with your e-commerce applications, so it's not ideal if you just want to add security to remote access or general network access.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- ICYMI: CEO Sacked; MS Zero-day; Passwords dropped; Ransomware wild, charging hack
- 9.2 million medical records for sale on darkweb
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry