Products | uIAM

ARES uIAM System: SSO Multi-Layer Protection, Increase Security Levels

Constructing safe and convenient network environments, centralizing resource authorization and password management, integrating individual applications and security validation modes, Ares strives to provide a complete personal ARES uIAM (ubiquitous Identity and Access Management) System.

Security issues of the current Internet SSO System:

  • Hackers can easily have access to user password through the internet.
  • If the SSO system is intercepted, all accounts and passwords will be stolen.
  • If any application system is intercepted, information security will be compromised.
  • Hackers hack into database to steal all account and passwords.
  • Hackers, administrators or former employees may obtain illegal authorization and information.
  • Only applicable to a Web environment, unable to operate under cross-domain and cross-operating system environments.

ARES uIAM System solves these issues regarding Internet SSO system. Working with our uPKI digital signature validation authority will further provide a complete SSO solution for Web-based, client-server cross system platforms, and cross-programming language environments.

Differences between traditional Internet SSO and ARES uIAM system:

Traditional Internet SSO-Internet hackers can obtain user account and password click to enlarge

ARES uIAM System-Cannot be used in cross-network, cross-operating system environments or combine various programming languages (click to enlarge

Provide highly-secure authentication mechanism

  • Only the account is transferred on the Internet without leaking the password to avoid interception
  • Not sending any ID or password to other applications
  • No ID/database account information shared between application systems

Highest level of security for application system verification

  • Ensure all application systems reach same level of high security
  • Unique individual validation and authorization mechanism to ensure the confidentiality of each application
  • Each message is encrypted and includes information such as timestamp to prevent repeated attacks
  • Mutual authentication
  • Support designated, layered validation to speed up the validation process
  • Support a multi-tier structure; user, Web server and DB server can locate on separate machines
  • Conform to USA DoD TCSEC (Trusted Computer System Evaluation Criteria, Orange Book) specific C2-level security rules
  1. Various operating systems: Windows, Linux, Solaris, Unix, AIX, etc.
  2. Various development programming languages: ASP, PHP, JSP, .NET, Java, VB, VC, Delphi, Lotus, PowerBuilder, CGI, etc.
  3. Web-based and client/server- structured application system for consistency of security authentication mechanism and eliminate loop holes in information security
Checkpoint ARES uIAM Other Internet SSO
Upload account and password for user authorization? No, ARES uIAM only uploads account Mostly upload both account and password
SSO system manager has access to all user passwords? No, ARES uIAM does not provide any user password Access to user account and password
Exchange account information and saved file with other files; Uses ID to conduct SSO? No, ARES uIAM will not conduct such high-risk application Mostly using this method because it is easy and convenient, but ignore the fact that it is rather dangerous
After logging in, does the system allow users to become high-authority to access other account information? No, ARES uIAM assign unique authority for each user Yes, possible conversion to high-authority user
If SSO is hacked, does it affect all other system processes? No, all systems have their own unique authorization Yes, it will affect every system
Support multiple development programming language? ASP, PHP, JSP, .NET, Java, VB, VC, Delphi, Lotus, PowerBuilder, CGI, API Only support basic development programming language
Support cross-domain, cross-platform authentication? Not limited to one domain or platform, support Windows, Linux, Solaris, Unix, and AIX platform programming language application Only support basic domain and platform
Support Web-based and client/server structure system? Yes, completely support Client/server cannot be integrated