CA AuthMinder Windows Installation Guide › Understanding the Basics

Understanding the Basics

With the exponential increase in cases of Internet-based fraud over the last few years, relying just on user name-password for authentication is no longer sufficient. The need for stronger authentication can either be to protect end users or to comply with government-mandated security requirements, internal policies, or best practices. However, adding stronger authentication often creates conflict between compliance requirements and user convenience. In other words, organizations must increase the security of their authentication processes by reducing the complexity, and reduce the risk of financial losses or brand damage by increasing the customer and partner access to applications and data.

CA AuthMinder (later referred to as AuthMinder) is a trusted strong authentication service that enables your application to verify and protect the identity of your end users by:

• Not transmitting passwords (either in clear or encrypted form) over the network.
• Enabling you to choose the authentication method that best suits the security and convenience of different types of users.
• Using ArcotID PKI® and ArcotID OTP, which are based on the patented Cryptographic Camouflage technique to protect keys.

  In Cryptographic Camouflage, the keys are not encrypted with a password that is too long for exhaustive attacks. Instead, keys are encrypted such that only one password will decrypt it correctly, but many passwords can decrypt it to produce a key that looks valid enough to fool an attacker. As a result, this method protects a user's private key against dictionary attacks and Man-in-the-Middle (MITM) attacks, as a smartcard does, but entirely in the software format.

  See "How Cryptographic Camouflage Works" for more information.

This guide provides information for planning the deployment of CA AuthMinder based on different solution requirements. Each solution consists of multiple components that interact with each other and other systems in an enterprise or multiple-network systems.

The biggest advantage of AuthMinder is that it enables you to upgrade security from simple user name-password authentication without changing the user login experience or critical business processes by using an ArcotID PKI for authentication.

This chapter introduces you to AuthMinder and covers the following topics:

• AuthMinder as a Versatile Authentication Server
• Plugging Into AuthMinder
• AuthMinder Architecture
• ArcotID PKI Key Concepts
• User Authentication in AuthMinder
• What’s New in this Release

Note: CA AuthMinder still contains the terms Arcot and WebFort in some of its code objects and other artifacts. Therefore, you will find occurrences of Arcot and WebFort in all CA AuthMinder documentation. In addition, some of the topics in this guide do not follow the standard formatting guidelines. These inconsistencies will be fixed in a future release.