Detailed information about abylon LOGON SSO Pro

Info: Single sign-on for Windows and applications with smart card, USB stick or CD

Functionality of SSO (Single Sign-On) for the automatic entry of login data
Single sign-on for Windows and applications with smart card, USB stick or CD

The software functionality abylon Single Sign-On (SSO) is offered for the products abylon KEYSAFE and abylon LOGON SSO Pro for the products abylon LOGON SSO Pro for the products. The SSO function supports the user in entering login data, such as login name and password. For this purpose, the login windows are learned once by entering the corresponding login data. This data is stored in encrypted form. In the future, the login data will be automatically saved by the software after the legitimation of the user. abylon Signle Sign-On in the corresponding fields. As legimitation the following hardware keys can be used:

Certificate chip card and token
Memory chip card
External storage medium (e.g. USB stick) with key file on the medium
External storage medium (e.g. USB stick) with key file on computer
CD/DVD
Contactless RFID - Radio chip card
Bluetooth device (e.g. mobile phone)

NOTE: Special support on Request!

With the software abylon KEYSAFE a password can also be entered via the computer keyboard.

The abylon LOGON software solutions offer numerous additional possibilities in the clear administration area. For example, individual users, cards or applications can be activated, deactivated or blocked. The complete login data is stored in an encrypted XML file, so that a central administration on a server is also possible.

Advantages of automatic login (SSO - Single Sign-On) Authentication with hardware key

The number of required passwords is increasing inexorably and it is becoming more and more difficult for normal users to remember them all. As a strategy the user uses identical credentials for all authentications, easy to remember but insecure passwords or write them down in an insecure place. This undermines the security that is actually needed and provides crackers with a simple point of attack, such as phishing attacks. This uncertainty can put secret data in the wrong hands and, in the worst case, can even result in financial damage.

The software feature abylon Signle Sign-On provides helpful support without reducing security. The user only needs to authenticate once and can then access all securely stored credentials.

The administrator can change the real access data independently without having to relearn the tokens. Individual tokens can also be temporarily deactivated or locked as required. A complete removal of the tokens from the database makes further use impossible.

In networks with multiple users, accounts and credentials can be centrally managed by one administrator. By using hardware tokens (e.g. chip cards or USB sticks), the individual employee no longer has access to the real login data. During the Single Sign-On process, the real keyboard and mouse input was blocked by a special software procedure so that the login data could not be redirected to plain text fields and thus spied out. The administrator can change the real access data independently without having to relearn the hardware keys. Individual keys can also be temporarily deactivated or locked as required.

Only one-time authentication required
Automatic window detection
No insecure storage of passwords
Use of more complex and different passwords
Increased protection against keyloggers and phishing attacks
High flexibility
Central Administration

Functional range of the software ../abylon LOGON SSO Pro. ()

Functions of the individual versions see Table!

Secure and automatic logon to NT systems
Only one-time authentication required
Automatic entry of login name and password for applications7
supported media for registration:
- Chip cards (e.g. EC or KV cards)
- External storage media (e.g. USB sticks)
- CDs/DVDs
- RFID cards
- Certificate chip cards and USB tokens (support of various providers, such as Aladdin eToken)
- EEPROM smart cards SLE 4432 and SLE 4442
- and more...
Random Password - Daily changing and random Windows login data
two-factor authentication (optional) by additional password input at login
SecureID for symmetrical cards (help in case of card loss)
Account management: Multiple logon accounts for one medium
Encrypted data storage
Automatic window detection
Automatic start and stop of programs
Increased protection against keyloggers and phishing attacks
When the media is dragged, the computer is Locked, Logged out or Shutdown
Central Administration

System requirements for the automatic Windows and program logon

Processor: Pentium (or comparable)
Main memory: 256 MByte RAM
free hard disk space approx. 60 MByte
Operating system: 10, 8.1, 8, 7, Vista, XP, 32-Bit, 64-Bit
screen resolution: min. 1024x600 Pixel
Optional smart card reader or USB token

Supported standards

CAPI (Microsoft Crypt API)
PKCS#7 (Cryptographic Message Syntax Standard)
PKCS#11 (Cryptographic Token Interface Standard)
PKCS#12 (Personal Information Exchange Syntax)
RSA
PC/SC
RC4, Blowfish, AES, 3DES...
X.509 v3 Certificates
SCard-API
CT32.DLL
Microsoft Certificate Database

Technical Information to Software for automatic login

Installation and uninstallation routine
Driver for smart card reader or USB token has to be installed separately
CSP (Crypto Service Provider) must be installed separately (further information >> Compatibility)
If the CSP is not automatically recognized by abylon LOGON, then the corresponding transfer module can be entered in the settings dialog
EC-/HBCI card must be equipped with a chip
For health insured cards the card reader must support a CT32 interface DLL
The CT32 interface is an outdated standard, which should not be used anymore for compatibility reasons.