Presentation is loading. Please wait.

Presentation is loading. Please wait.

Centralized Authentication Gateway CAG360 for SME

Published byLoreen Hannah Johns Modified over 7 years ago

Similar presentations

Presentation on theme: "Centralized Authentication Gateway CAG360 for SME"— Presentation transcript:

1 Centralized Authentication Gateway CAG360 for SME

2 CONTENTS I CAG Introduction II Signer Management System
Validator Management System III IV Authentication Agent & SDK BackOffice Portal V VI EJBCA As Private CA For Banks

3 CAG360 INTRODUCTION TOTAL PKI/OTP SOLUTION FOR BANKING AND SECURITIES

4 Functional Structure Signer Management System
Validator Management System BackOffice Portal CAG360 Authentication Agent & SDK

5 Signer Management System
PDFSigner XML Signer CMSSigner (CAPICOM compliant) Office Signer TPM Performance for SME: 40 TPS, if using HSM, the performance is higher

6 Signer Management System
AOpen DEX9235 from Taiwanese company already installed CentOS 6 TPM: Trusted Platform Module from Infineon chipset SLB9660 that applying to NIST FIPS 140/2 Level 3. Stored up to 680 RSA key pairs Capacity up to 40 TPS (Transaction Per Second)

7 Signer Management System
Supports Wireless PKI (wPKI) and 2nd token wPKI 2nd token Content Layouts 2nd Token is supported for both Android and iOS devices. Bring the best flexibility to customers with the highest security

8 Signer Management System
HTTP Post (Webpage) SOAP Web Services Supports two methods for signing

9 Functional Structure Signer Management System
Validator Management System BackOffice Portal CAG360 Authentication Agent & SDK

10 Validator Management System
PDFValidator OfficeValidator XMLValidator OTP (Hardware/SMS/ ) CapicomValidator Fido Validate signed documents automatically before auditor manually do that Validate signed documents automatically before auditor manually do that

11 Validator Management System
Sign request Do signing OTP/Fido Authentication Supports Two Factor Authentication (2FA) for centralized signing by using OTP/Fido. Detail workflow for centralized signing worker that hybrid integrated OTP authentication 1. Officer staff should go to the CGI page (so-called CAG360 Signer Page), and submit the corresponding credential consisted of username/password 2. The staff should use one of following worker for appling the signing request - PDFSigner for signing the pdf file, our signing worker can create the signed pdf file with invisible/visible signature, it depends on the existing configuration that already applied on the corresponding worker - OOXMLSigner for siging the MS Office file (MS Word, MS Excel, MS Access, MS Power Point ....) , our worker can create the signed file even for MS Office 2003 or later - ODFSigner for signing the Open Office file - XMLSigner for signing the XML file comprised of XMLDSig or XaDES - CMSSigner for signing the String and create the CAPICOM compliant string 3. Once staff choose and browse file, the CAG360 will send the OTP passcode, it maybe is OTP SMS or OTP 4. After the OTP passcode is validated, the signed file will be downloaded over the Signer Page, the staff will use this signed file for their own purpose, maybe it will be sent by , eOffice or so on ....

12 Validator Management System
Detail workflow for centralized signing worker that hybrid integrated OTP authentication 1. Officer staff should go to the CGI page (so-called CAG360 Signer Page), and submit the corresponding credential consisted of username/password 2. The staff should use one of following worker for appling the signing request - PDFSigner for signing the pdf file, our signing worker can create the signed pdf file with invisible/visible signature, it depends on the existing configuration that already applied on the corresponding worker - OOXMLSigner for siging the MS Office file (MS Word, MS Excel, MS Access, MS Power Point ....), our worker can create the signed file even for MS Office 2003 or later - ODFSigner for signing the Open Office file - XMLSigner for signing the XML file comprised of XMLDSig or XaDES - CMSSigner for signing the String and create the CAPICOM compliant string 3. Once staff choose and browse file, the CAG360 will send the OTP passcode, it maybe is OTP SMS or OTP 4. After the OTP passcode is validated, the signed file will be downloaded over the Signer Page, the staff will use this signed file for their own purpose, maybe it will be sent by , eOffice or so on ....

13 Functional Structure Signer Management System
Validator Management System BackOffice Portal CAG360 Authentication Agent & SDK

14 Authentication Agent & SDK
Java C# Content Layouts Sample client is available in Java & C#

15 Functional Structure Signer Management System
Validator Management System BackOffice Portal CAG360 Authentication Agent & SDK

16 BackOffice Portal It also provides token operations such as initializing, blocking, unblocking...

17 EJBCA As Private CA For Banks
Integrated EJBCA into CAG360 and supported: OCSP CRL LDAP In case of the banks want to build their own private CA, we can support EJBCA which is integrated into CAG360

18 Our Advantages This is the cost-effective solution with fully integrated variety authentication/validator methods 1 It is suitable for SME with the easy to integration, the cheaper budget, the totally support from security expert 2 We connected all of Certification Authority service providers such as VNPT-CA, FPT-CA, SAFE-CA.... 3

19 Contact Us MINH THONG CARD SOLUTIONS CO., LTD
Address: 16/2 Ter Dinh Tien Hoang, Da Kao Ward, 1st District , Ho Chi Minh City Website: Hotline :

20 Thank You!

Download ppt "Centralized Authentication Gateway CAG360 for SME"

Similar presentations

Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
Installation & User Guide

Installation & User Guide
Cloud PIV Authentication and Authorization Demo PIV Card User Workstation Central Security Server In order to use Cloud Authentication and Authorization.

Cloud PIV Authentication and Authorization Demo PIV Card User Workstation Central Security Server In order to use Cloud Authentication and Authorization.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
WPKI available technology diagram and the business model

WPKI available technology diagram and the business model
PKI Administration Using EJBCA and OpenCA

PKI Administration Using EJBCA and OpenCA
WAP Public Key Infrastructure CSCI 5939.02 – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Product and Technology News Georg Bommer, Inter-Networking AG (Switzerland)

Product and Technology News Georg Bommer, Inter-Networking AG (Switzerland)
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
EASY LOGISTICS CENTER - the TURNTABLE for information, documents and processes EASY LOGISTICS CENTER DOCUMENTS SHOP CONTENT COMMUNITY MODULES EASY ENTERPRISE.

EASY LOGISTICS CENTER - the TURNTABLE for information, documents and processes EASY LOGISTICS CENTER DOCUMENTS SHOP CONTENT COMMUNITY MODULES EASY ENTERPRISE.
CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+

CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+
Alcatel Identity Server Alcatel SEL AG. Alcatel Identity Server — 2 All rights reserved © 2004, Alcatel What is an Identity Provider?  

Alcatel Identity Server Alcatel SEL AG. Alcatel Identity Server — 2 All rights reserved © 2004, Alcatel What is an Identity Provider?  
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
TrustPort Public Key Infrastructure. WWW.TRUSTPORT.COM Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.

TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.
For Sage MIP Fund Accounting

For Sage MIP Fund Accounting
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.

INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
X.509 Certificate management in.Net By, Vishnu Kamisetty

X.509 Certificate management in.Net By, Vishnu Kamisetty
Wolfgang Schneider NSI: A Client-Server-Model for PKI Services.

Wolfgang Schneider NSI: A Client-Server-Model for PKI Services.
May 30 th – 31 st, 2006 Sheraton Ottawa. Microsoft Certificate Lifecycle Manager Saleem Kanji Technology Solutions Professional - Windows Server Microsoft.

May 30 th – 31 st, 2006 Sheraton Ottawa. Microsoft Certificate Lifecycle Manager Saleem Kanji Technology Solutions Professional - Windows Server Microsoft.

Similar presentations

Ads by Google