Most enterprise security solutions available in the market focus mainly on the enterprise host and network security. However, in many circumstances the resources reside on individual client PCs or Laptops which also needs to be secured within the overall security framework.

Citadel™ is a comprehensive and sophisticated host security solution which uses smart cards and biometrics to ensure a high level of protection for the entire enterprise infrastructure including both host and client systems. Citadel also encrypts sensitive data by using cryptographic functions on the smart card to ensure all data is protected in case the computer system has been compromised or stolen.

Citadel Components

EntryGate
Citadel™  uses smart card authentication as an alternative to passwords in order to achieve strong authentication. A smart card can be used to authenticate any Windows 2000/XP/2003 workstation. To log on to a system, a user must insert his smart card into the reader and enter his password or place his finger on the fingerprint sensor. When the smart card is removed, Windows automatically recognizes this and locks the system.

SecureDisk
One of the most vital concerns of every corporation is the protection of sensitive data. Citadel™ Secure Disk incorporates cryptographic capabilities, secure communication, and secure storage using smart cards to provide an enhanced sensitive data protection solution to secure valueable corporate intellectual assets.

Citadel™  SecureDisk utilizes the most modern and powerful cryptography algorithms known worldwide. Secure storage of the keys on the smart card eliminates illegal access to the corporate secret keys. Moreover, exploiting secure messaging mechanisms ensures communication channel security in the process of information exchange with the smart card.

Users can protect their sensitive files by using this method. Data is first encrypted by a random symmetric key and then the key is sent to the smart card for an additional layer of security. Upon decryption, the opposite method is used to retrieve the original key which is used for decrypting the actual data.

SecureNet
Citadel™ SecureNet is a solution to secure network communications. By encrypting all data sent over the network, Citadel SecureNet provides a highly secure platform for network communications. Similar to Citadel SecureDisk, all important cryptography functions are carried out by a smart card, which includes Key-agreement, Encryption and Decryption. All cryptographic keys are stored on the smart card, which prevents them being stolen or accessed by unprivileged users.

NetGuard
Citadel™  NetGuard includes a Firewall to control all data sent and received on the network. The firewall controls the network traffic to stop information from being intercepted or stolen and to stop any unauthorized access to the network. Citadel NetGuard also includes extra security to limit access to computers based on IP address and / or Port number for both Source and / or Destination and also includes restricted access based on access time.

SecureOS
Citadel™  SecureOS provides an extra layer of security by using Windows XP Embedded platform to control and customize the operating system configuration to ensure applications are run in accordance with corporate security policies.

Citadel Smart Card Suite

AccessCard
AccessCard is used to store user information such as name, personnel id, department name, title and username in an enterprise. This card uses built-in cryptography functions to provide secure information storage and all communications between the smart card and the EntryGate component is encrypted to ensure full data protection during the logon process.

CryptoCard
CryptoCard provides advanced cryptographic functions based on a Multi-Application smart card platform. It is designed to be fully compliant with the Microsoft smart card logon architecture and uses tamper-resistant storage for all encryption keys and other user data.

To ensure the highest level of security, the private key used for encryption never leaves the smart card once it is created. All encryption and decryption process is done by the smart card itself in compliance with hardware security requirements.

In addition the crypto card features on-board key generation and is capable of producing random numbers for use in cryptography applications. The crypto card supports all industry wide cryptographic standards such as RSA, DES/3DES and AES.

BioCard
BioCard includes all the functions of the crypto card plus additional storage of secure  biometric information used to identify and authorize user log on to PC workstations. Biometric access can be deployed instead of or in addition to existing log on access functions.

UltraCard
UltraCard is the most advanced and innovative type of card in the Citadel smart card product suite. It supports a wide range of cryptography algorithms, including Symmetric Encryption, Public Key Encryption, Key Exchange mechanisms, and Digital Signatures. One of the unique features of UltraCard is the storage and verification of biometric information (eg. fingerprint) on the smart card itself to provide portable and flexible biometric authentication services. UltraCard is also a high performance smart card platform with communication of up to 20 times faster than other smart cards.

Citadel Product Suite

Citadel Opal™
Opal™ is the Citadel smart card based solution for user identification. In addition to authentication and access control, it utilizes smart card technology to secure workstation access to provide greater security than standard username/password access methods.

Features:

• Integrated highly secure Identification Card
• Secure and convenient access control
• Secure user information storage on card
• Secure access permission storage on card
• Workstation locking during idle times
• Usable on any PC or, Laptops
• Customizable User Interface (company logo on login screen)
• Complete integration with windows WinLogon component
• Mutual Authentication between host and card using 3DES Algorithm
• Secure Channel between the smart card and host using dynamic session keys
• Two factor security using windows password and smart card authentication
• Logon-on to different domains that can be defined in the smart card

Citadel Olivine™
Citadel Olivine™ provides cryptographic storage of hard disk information in a fast, easy and convenient way whilst preserving complete anonymity of the encrypted information. Citadel Olivine takes full advantage of smart card based cryptography and keys to improve data security and prevent illegal access to sensitive information in the event of physical disk theft.

Features:

• Includes full features of Citadel Opal™
• Encryption of hard disk information
• Easy access to encrypted data
• Secure storage of cryptographic keys
• Secure smart card cryptographic operations
• Randomly generated dynamic keys
• Automatic compression of encrypted files
• Fast and complete restoration of encrypted information during decryption
• Random Key Generation in the host or smart card for each individual disk file
• File Encryption/Decryption on the host based on the AES security standard
• Key Encryption/Decryption in the smart card based on the 3DES security standard
• Shredding plaintext files after encryption up to 5 times

Citadel Onyx™
Citadel Onyx™ is one of the most advanced smart card based enterprise logon solutions. It incorporates the power and security of smart cards and combines them with the unique features of biometric properties. It also includes encryption software to ensure full protection of sensitive data.

Features:

• Includes full features of Citadel Olivine™
• Fingerprint template storing on smart card
• Featuring ST active capacitive fingerprint sensor
• Smart card based encryption and decryption
• All Technical features of Citadel Olivine®
• Three factor security using fingerprint matching authentication along with smart card authentication and windows password authentication
• Configurable FAR (False Acceptance Rate) and FRR (False Rejection Rate) parameters of fingerprint template matching algorithm

Back Top