Blog

Identity Assurance Positioning

This document summarises the reasons for the positioning dispositions of various authentication methods and their associated Identity Management Capabilities. It is written with the admitted selected bias of the author, but the arguments are sound and defensible. Click to download.

Securing Applications using WSO2 Identity Server and CASQUE

WSO2 Identity Server is an extensible, open source solution to federate and manage identities across both Enterprise and Cloud environments including APIs, mobile, and Internet of Things devices, regardless of the standards on which they are based. The Identity Management Suite subsumes features found in competitive products but is open source!

Distributed Management Systems Ltd (“DMS”) has invented and fully developed a new, radical approach to Identity Assurance, CASQUE, which removes major vulnerabilities that all current multi-factor authentication methods possess.

WSO2 and DMS have cooperated to closely integrate CASQUE with WSO2 Identity Server and will present a joint webinar on 22nd May 2019 at 11am. Click to Register

The Case against Adaptive Authentication

We believe the fashionable trend for “Adaptive Authentication”, where Identity is determined by a software-only technique based on the User’s “Use Profile”, is flawed both in design principle and operation.

The Whitepaper details the weaknesses in this approach and shows how a different “Fortress Construction” design is superior.

Click to Download the Whitepaper

CASQUE SNR adds High Grade Identity Assurance to CISCO ASA

Organisations may want to utilise Cloud resources provided by AWS, Google Cloud or Azure but want to own and operationally control their Identity Access. There is a trend to offer “Virtual Appliances” – software versions of previously dedicated hardware gateway units so that they can run on compute resources residing in Cloud environments.

We have integrated CASQUE SNR using the capabilities of Cisco Adaptive Security Appliance (ASA) Software. All Cisco ASA 5500-X Series Next-Generation Firewalls are powered by this software and so are the “Virtual” manifestations called ASAv. Cisco Adaptive Security Virtual Appliance (ASAv) is optimised for cloud and data center environments with VMware, KVM and Hyper-V hypervisor support providing throughput from 100 Mbps to 10 Gbps utilizing from 1 to 16 GB memory.

CASQUE SNR integrates both with clientless VPN configurations, where the Challenge is presented as a QR-coded image, and with client-installed AnyConnect, where Challenges are provided as file downloads.

UK Government issues minimum cyber security standards

These cyber-security standards will now be incorporated into the Government Functional Standard for Security, obliging government departments and suppliers to comply.

Multi-factor authentication shall be used where technically possible, such as where administrative consoles provide access to manage cloud based infrastructure, platforms or services. Multi-factor authentication shall be used for access to enterprise level social media accounts.

BUT... existing Multi-factor Authentication (MFA) Products are weak!

According to NIST, “Out-of-Band” methods like SMS and Email or “OTP” methods like SecurID or Vasco need multiple other supporting techniques and therefore incur extra overhead and management costs; see NIST Digital Identity Guidelines on Authentication Products.

Use of a mobile phone to carry the authentication response may seem adequate, but Users now want to use their own mobiles as the primary Client, so, other than carrying a second phone, these existing Solutions will, ridiculously, become single-factor Authentication!

CASQUE SNR is the only MFA certified at source code level by NCSC as suitable for Secret and is cheaper than traditional techniques. Why use MFAs that already have known weaknesses when you can use CASQUE SNR?

WSO2 Identity Server Integration

WSO2 Identity Server is used to simplify identity and access management related activities in the enterprise; it is based on open standards and open source principles. WSO2 Identity Server comes with seamless, easy-to-use integration capabilities that help connect applications, user stores, directories and identity management systems.

WSO2 Identity Server allows enterprises to achieve single sign-on/sign-out, identity federation, strong authentication, identity administration, account management, identity provisioning, fine-grained access control, API security, monitoring, reporting, and auditing.

CASQUE SNR integrates in a closely coupled way by providing a free-to-use local connector plug-in.