• Site Map
• Contact Us

• Home
• Our Company
  • Customers
  • Careers
  • Contact Us
  • RSS & Blogs
• Products
  • Identity Manager
  • Password Manager
  • Group Manager
  • Privileged Password Manager
  • Download evaluation
  • Releases
  • CC Certification
• Solutions
  • Security, Governance and Regulatory Compliance
  • Reduce IT Support Cost
  • Improve User Service
• Support
  • Shipping products
  • Supported versions
  • Customer Portal
  • Create Incident
• Services
  • Solution Delivery Services
  • Solution Delivery Process
  • Education
  • Upgrades
  • AdMax Program
  • Outsourced IdM Administrator Service
  • Guarantee
• News &  Events
  • Press Releases
  • Press Coverage
  • Upcoming Events
  • Archived Webinars
• Resource Center
  • White Papers
  • Independent Reviews
  • Brochures
  • Slide Decks
  • Case Studies
  • Regulatory Compliance
  • Certifications
  • Community
• Partners
  • Technology Partners
  • Certified Resellers
  • System Integrators and Consultants
  • Managed Service Providers
  • Public Sector
  • Partner Portal
  • Partner Programs

Technology Integrations Open Architecture for Authentication

  

Open Architecture for Authentication

Hitachi ID Password Manager (formerly P-Synch) has an open authentication architecture, and can plug into existing password systems, corporate directories, two-factor authentication tokens, PKI certificates and biometric engines.

Users Authenticating for Self-Service

(1)Users may authenticate into Password Manager as follows:

• On a web GUI:
  • By typing their current password to a trusted system (for example Windows / Active Directory, z/OS, RADIUS, etc.).
  • By answering a set of system-selected personal questions, whose answers may either be stored inside the Password Manager server or may be validated on an existing system (Oracle, LDAP, mainframe and so on).
  • Using a security token (e.g., SecurID pass-code or other device).
  • Using a PKI certificate or smart card.

• Using a telephone:
  • By keying in one or more personal identification numbers (e.g., employee number, date of hire, driver's license number).
  • By matching a voice print sample taken at time of authentication against a previously recorded sample on file (biometric voice print verification)

Moreover, if the user decides to call the help desk, then Password Manager can be configured to have the support staff authenticate the caller by asking for answers to security questions before offering assistance.

(2)Administrators (IT staff) authenticate to the Password Manager web GUI as follows:

• By typing a current network OS or directory password.
• By typing a password and validating it against a password hash stored inside Password Manager itself.
• Using a security token (e.g., SecurID pass-code or similar).
• Using a PKI certificate or smart card.

Multiple authentication factors may be configured as required.

Authentication for Support Staff and Administrators

Help desk analysts, security officers and Password Manager administrators can authenticate to the Password Manager web GUI using one of the following methods:

• By typing a current NOS password.
• By typing a password and validating it against a password hash stored inside Password Manager itself.
• Using a security token (e.g., SecurID pass-code).

Authentication by answering security questions is not recommended for use with privileged accounts.

© Hitachi ID Systems, Inc. . All rights reserved.