ActivCard Gold provides the expected functionality for securing the desktop, remote network access and access to web services, via digital signatures stored upon a smartcard. Appropriate software utilities are provided to manage these functions. However, the ActivCard approach goes one stage further by adding biometrics technology to the mix.
Utilizing the popular Precise Biometrics combination smartcard and biometric reader, plus the match-on-card biometric smartcard, fingerprint biometrics may be employed in order to positively associate the user with the smartcard, thus adding a valuable extra layer of security for applications where this is considered necessary. An ActivCard standalone smartcard reader and the Precise Biometrics fingerprint/smartcard reader were supplied for evaluation. These are both proven products which should present no problems in the field.
Interesting though ActivCard Gold is, the real jewel in ActivCard's crown is the Trinity product. ActivCard Trinity is a full-blown enterprise level secure sign-on product which may use multiple factor authentication in a number of configurations according to your particular situation. Passwords, dynamic passwords, smartcards and fingerprint biometrics are all supported and may be mixed and matched accordingly.
The authentication process may take place on the server, client or right on the smartcard, making for a flexible approach to user authentication according to the precise requirement.
For example, you may wish authentication to take place on the server for fixed desktop locations, on a laptop computer for remote access or home working, or maybe on the smartcard for individuals who use multiple PCs within a hot desk environment. This inherent flexibility is quite powerful, but care should, of course, be exercised when designing a security infrastructure that may take advantage of this functionality.
On the other side of the coin, access control rules may be defined to provide access to workstations, network domains or individual applications, providing equal flexibility in this area. At the back end, load balancing across multiple servers is supported, and a single client configuration may be downloaded to multiple clients across the network, making for a streamlined configuration where appropriate.
ActivCard Trinity is a serious product for those who take user authentication within the enterprise equally seriously. It is both scalable and flexible, making it suitable for the larger enterprise as well as the smaller, self-contained organization with expansion potential. As with all of the more sophisticated products of this type, deployment will require the talents of a competent systems administrator with a good understanding of the organizational infrastructure in question, and the ability to design a robust sign-on procedure to cover all eventualities. Given that prerequisite, ActivCard Trinity represents a comprehensive tool set with which to achieve such a goal.