Joint webinar will explore how integration with CASQUE SNR adds the highest levels of multi-factor authentication to WSO2 Identity Server’s identity and access management
Mountain View, CA – May 16, 2019 – WSO2 and Distributed Management Systems Limited (DMS) today announced that they have partnered to extend the multi-factor authentication (MFA) capabilities in WSO2 Identity Server via integration with CASQUE SNR. The CASQUE Connector co-developed by the companies is available now as a free download from the WSO2 Connector Store.
WSO2 Identity Server is the highly extensible, open source identity and access management (IAM) solution optimized for identity federation and single sign-on (SSO). CASQUE SNR from DMS offers identity assurance for people and things by producing keys that are changed dynamically to provide immunity against insider attacks, token clones, and manufacturer compromise. Together, they give organizations superior flexibility, control and protection over the identities they manage.
Additionally, DMS and WSO2 will co-host a webinar, "Securing Applications Using WSO2 Identity Server and CASQUE,” which will examine how the integrated products address common vulnerabilities found in many MFA solutions. The webinar will be held on Wednesday, May 22, 2019, at 10:00 a.m. GMT, and it also will be available on-demand.
WSO2 Identity Server provides a comprehensive, open source IAM solution for managing customer, partner and employee identities. The software is optimized for identity federation and SSO with comprehensive support for strong, adaptive authentication and API security. Using WSO2 Identity Server, identity administrators can federate identities, secure access to web and mobile applications and endpoints, and bridge identity protocols across on-premises and cloud environments.
Meanwhile, CASQUE SNR enables organizations to overcome the typical vulnerabilities of MFA, which rely on a fixed secret. This secret might be an embedded key in SecurID, a private key in Public Key Infrastructure (PKI), or an attestation key in Fast ID Online 2 (FIDO2). If it is discovered by hackers, calculated through factorization, or disclosed by an insider, the security fails.
Because CASQUE SNR does not rely on a fixed secret, there is nothing to target or disclose. Instead, it relies on the Challange-Response family of protocols to calculate the response in a secure chip embedded in a handheld token. With CASQUE, users can own and control their independent identity access provision without reliance or exposure from manufacturers or managed service delivery partners. Each token has a secure chip that is Evaluation Assurance Level 6 and Federal Information Processing Standard Publication 140-2 Level 3. CASQUE can be deployed both on-premises or on the cloud, and it is specifically designed to control access via mobile devices.
Now with the CASQUE Connector, WSO2 Identity Server customers can leverage CASQUE SNR technology to perform more secure MFA using dynamic secrets. First, WSO2 Identity Server handles the primary username/password authentication, and then it refers the prescribed IDs to CASQUE for secondary browser authentication. The CASQUE challenge, which can be presented as a QR code or smartcard token, is created by the CASQUE Authentication Server Software (Windows or Linux; Physical or Virtual) supplied by DMS.
“It has been both educational and enjoyable working with the WSO2 team to develop an integration architecture that exploits the full flexibility of both our technologies so that high assurance authentication can be deployed where and when required,” said DMS Managing Director Basil Philipsz.
“We are pleased to introduce the integration between CASQUE SNR and WSO2 Identity Server,” said WSO2 Vice President of Security Architecture Prabath Siriwardena. “Through this integration, the capabilities of WSO2 Identity Server are extended to provide users with an even more secure form of MFA.”
Together, Basil Philipsz and Dinali Dabarera, a senior software engineer on the WSO2 IAM team, will examine the vulnerabilities of MFA methods that rely on a fixed secret. Then they will discuss how stronger authentication methods, such as the approach offered by CASQUE, are needed to secure highly confidential information. Next, Basil and Dinali will explore how CASQUE works on a dynamic secret rather than a fixed one that can be targeted or disclosed. Finally, they will explore how the integration between CASQUE and WSO2 extends the functionality of WSO2 Identity Server to provide more secure MFA. To learn more about the webinar and register for the event, visit https://wso2.com/library/webinars/2019/05/securing-applications-using-wso2-identity-server-and-casque.
Distributed Management Systems develops and delivers CASQUE SNR, which provides the next generation of identity assurance for both people and things, and has significant advantages over existing products with respect to security, resilience, usability, including defense against insider attacks. CASQUE SNR’s keys are changed dynamically and invisibly, removing fixed targets and hence becoming immune to insider attacks, token clones and manufacturer compromise. The first generation of CASQUE from DMS has been previously used by the UK Ministry of Defence. A private limited company, DMS is owned by its directors who are UK nationals based in Feniscowles, near Blackburn, Lancashire, England. For more information, visit https://www.casque.co.uk.
WSO2 is the world’s #1 open source integration vendor, helping digital-driven organizations become integration agile. Customers choose us for our broad integrated platform, approach to open source, and agile transformation methodology. The company’s hybrid platform for developing, reusing, running and managing integrations prevents lock-in through open source software that runs on-premises or in the cloud. Today, hundreds of leading brands and thousands of global projects execute 6 trillion transactions annually using WSO2 integration technologies. Visit https://wso2.com to learn more.
Trademarks and registered trademarks are the properties of their respective owners.