Strong Two Factor Authentication with USB Hardware Smart Card Tokens

English on November 10th, 2007 No Comments

Continuing the road to secure strong authentication SSOCircle now supports USB hardware smart card tokens. These tokens are a combined smart card and smart card reader with a USB interface. Because of their small size, they can be easily attached to a key ring. Have you ever been worried using a public internet terminal ? Have you been bothered about a keystroke logger could be installed on the PC and is grabbing your passwords ? If yes, ePass USB smart card token is the perfect solution for you. SSOCircle offers now automatic enrollment of X.509 certificate to ePass USB tokens. Just enroll a certificate at, go to the internet cafe and insert the stick and single sign on to SSOCircle and all integrated Service Providers. After finishing your work, logout and remove the USB token and be 100% safe that nobody can grab your credentials and reuse it. The certificate store on the token can not be exported or copied from the stick. That’s simply the meaning of two factor authentication: one thing you know (the PIN of the token) and one thing you have (the token itself). Security made simple.

ePass tokens can be used driverless. For Firefox you only need to setup the security device. To ease that step we are now providing a Firefox addon. The addon probes for the PKCS11 libraries, creates the device and imports the SSOCircle CA certificates automatically.
But if you think that installing an addon is not feasible on a public terminal, read this: StorePass is a device with flash memory and a smart card on one device – and cool as it is – it doesn’t need a driver. So, just put your fully configured firefox on the flash, start the browser from the stick and off you go.

If you are looking for the ePass or the StorePass, please visit RS-Computer.

Technical note:
ePass2000ft11 tokens work on Windows Windows 98SE/Me/2000/XP/Server 2003/Vista, Linux and MacOS. For use with Firefox you just need the PKCS11 library but no additional drivers.
StorePass is a device combining flash storage and the ePass smart card functionality.
For more information and details visit RS-Computer.

Tags: , , , , , , ,

Strong Authentication and Public Key Infrastructure

English on August 18th, 2007 No Comments

As one of our main goals has always been the improvement of authentication security, SSOCircle is now offering Strong Authentication with X.509 Certificates and a PKI supporting automatic enrollment of Certificates. Using Certificate based authentication reduces the threat of Phishing ( a malicious site that pretends to be the login mask of someother and reads your password – no matter if it was encrypted over the wire or not ). With Certificate based LogIn there is no need to let your password travel over the network.

Tags: , , , ,

OpenID functionality updated

English on June 30th, 2007 No Comments

SSOCircle the first Identity Provider supporting SAML 2.0 and OpenID protocols now includes attribute exchange through OpenID Simple Registration Extension.
You are now able to share profile attributes ( like name or email address ) between the IDP and the Relying Party. You will be asked to confirm the transfer of attributes as soon as the service you are signing in is asking for it.
Thanks to Paul C. Bryan for making this possible.

Tags: , ,

SSOCircle integrates with Google Apps

English on April 15th, 2007 No Comments

With SSOCircle you can now experience Single Sign On to Google Apps: Email, Calendar, Docs and Spreadsheet plus a personalized portal page. See how it works and get your email address.

Tags: ,

SSOCircle starts multiprotocol support

English on April 9th, 2007 No Comments

SSOCircle has started a pilot to support OpenID. You can now use your SSOCircle account at OpenID relying parties. Just type in <yourSSOCircleID> as your personal OpenID URL at the service site and experience SSO that opens up the SAML and the OpenID world.

Tags: ,

Additional management functionality available

English on April 7th, 2007 No Comments

User self administration pages now provide functionality for displaying and managing own profiles, SAML 2.0 account federations and OpenID trust settings.
Service Provider administrators now have an easy-to-use interface to import, list and remove SAML 2.0 Metadata.

Tags: , ,

New demo of a “pure” php saml 2.0 service provider

English on March 25th, 2007 No Comments

A new demo was launched at SSOCircle. The service provider has its own local user database and you can follow the steps from creating a local account to the linking of that account to your account at SSOCircle. The SP is based on lightbulb ( a OpenSSO extension ) and is written in “pure php”. From it is available in preconfigured source.

Tags: , , , , ,

New Download Service Provider

English on March 4th, 2007 No Comments

You can now download a sample SAML 2.0 service provider and install it in your web server. The sample is a static linked C executable which is preconfigured to use SSOCircle as an IDP. You just need a few steps to adopt it to your site. The steps are outlined in solutions.
The download service provider is another sample how federation can ease deployments – and last but not least the download service provider is implemented in PERL leveraging the multi language support of ZXID.

Tags: , , , , , ,

SSOCircle website launched.

English on January 28th, 2007 No Comments

SSOCircle offers a SAML 2.0 Identity Provider which allows everyone to join as a user or integrate as a Service Provider and participate in the SSOCircle.

Tags: , , ,