TOP
Ho-Ho-Ho!
SEC/1: Service dongle for authentication

Service Key SEC/1

The SEC/1 in typical dongle design is a solution for protecting user interfaces in automation and is supplied with RS232 or USB interface.

An authorized employee must first connect the SEC/1 to an automation module and is only granted access to the configuration interface after successful challenge-response authentication and the subsequent user name/password check.

The SEC/1 is also suitable for principle of least privilege (POLP) concepts. In this case, a user is granted only the minimum necessary rights after a successful challenge-response authentication in a configuration software.

POLP solutions also help to avoid errors, since an employee is only granted access to the functions for which they have been trained. This significantly reduces misconfigurations - the greatest security risk in networked autmation modules.

The SEC/1 is available together with a special security setup as an accessory for the IGW/922 and IGW/925 remote access gateways. The SEC/1 can also be retrofitted to other assemblies.

For interested manufacturers we offer an integration kit on request. This allows existing systems to be retrofitted with increased access protection.

Thus, the IGW itself can generate the digital fingerprint for the challenge and compare the result with the response received from the SEC/1. If both fingerprints are identical, the challenge-response authentication is successfully completed.

Now the user can enter the username-password combination and access the IGW's configuration interface.

Highlights

  • Challenge-Response authentication
  • 1x RS232
  • Dongle design

Suitable for

IGW/922

IGW/925

How the SEC/1 works

Figure 1 illustrates how the SEC/1 works.

After connecting the SEC/1 to a remote access gateway of the IGW series, a unique random number (nonce) is generated and transmitted to the SEC/1 as a challenge.

The SEC/1 then uses a hash function to determine a digital fingerprint from the random number and the stored key, which in turn is sent back to the IGW as a response.

The IGW also knows the key and the hash function of the SEC/1.

How the SEC/1 works Zoom image

Figure 1: How the SEC/1 works

SSV Software Systems GmbH

Dünenweg 5
30419 Hannover

Phone: +49(0)511 / 40 000-0
Fax: +49(0)511 / 40 000-40

sales@ssv-embedded.de


Imprint    ·    Privacy Policy    ·    Terms & Conditions

© 2022 SSV Software Systems GmbH. All rights reserved.

ISO 9001:2015