WSO2 Identity Server: Adding Hardware Security Module Without Breaking the Bank
- By Mohamed Usama Mansoor
- 17 May, 2016
WSO2 Guest Webinar: WSO2 Identity Server: Adding Hardware Security Module Without Breaking the Bank
Security is as strong as its weakest link and in many cases that link is either human or encryption based. Although security is a subjective topic, almost everyone will agree that using a hardware security module (HSM) to safeguard and manage digital keys is a huge improvement over software based management. Yubico Hardware Security Module (YubiHSM), a hardware security module of Yubico, is easy and affordable way to secure authentication secrets.
This webinar will discuss
- Improving security using the WSO2 Identity Server (WSO2 IS) with FIDO U2F and a YubiHSM
- Enabling FIDO U2F strong authentication support in WSO2 IS 5.1 to repair user IDs and passwords
- Easily integrating YubiHSM into the WSO2 IS to strengthen password hashes used for authentication
- Using YubiHSM within WSO2 IS computes hashes and produces local salts within this secure environment
- Using YubiHSM and WSO2 IS to set a high bar for securing secrets without breaking the bank
Rob is a Senior Business Consultant and Solution Architect with more than twenty years of experience. In addition to his work he is an active blogger working on a number of articles on the 'Internet of Things' and a WSO2 'Getting Started with ...' series in which he talks about WSO2 components and their purpose especially aimed at non technical readers.
Ishara is a Senior Software Engineer at WSO2 and a key member of WSO2 Identity server team. Holder of a Bsc Engineering degree from the Department of Computer Science and Engineering, University of Moratuwa (Sri Lanka). Ishara successfully completed the Google Summer of Code program in 2011 with Apache Software Foundation and has implemented xmlID support to Xerces2 Java Parser.
Jerrod leads the solutions team at Yubico with over fifteen years of experience specializing in enterprise security solutions. He works with small, medium and enterprise customers to consult and build open scalable security solutions. Jerrod is also an active contributor in the FIDO Alliance U2F technical working group and security certification development committee.