Pages

Monday, September 5, 2011

Secureness for Password Reissue

Working on ID & password issue seems subdued, but it is extremely important. Failure in the operation may cause "Information leakage" or " information system hijacking", which may disrupt even business continuity. At least issuance logs should be exactly recorded.

The following Workflow model is for

  • A. a case of "automatic start" by "Workflow for pre-employment training program" of Personnel Department.(New ID issuance)
  • B1. a case "Applieed" ID for temporary employment.(New ID issuance)
  • B2. a case of "Forgotten Password" or "Change Account name" (Issued ID update)

Case 'A.'is on Trans-Workflow connection, 'B.'is on Web form connection. (Process model connecting API)

As a matter of course, talking over account issuance or re-issuance, we also must talk about "deletion". We will talk in some other time.

<Tasks>
0. Approver Nomination, 1. Approval, 2. Authorization Code issuance, 3. Input from Hearing, 4. Check P.W.Change, 5.Confirmation

[Password issue: [2. Authorization Code issuance] screen]



<Items>
  • Title (string)
-Personnel info-
  • Name (string)
  • Date wished (date)
  • Reason for (select: New employee/Temporary/Forgotten/Name change/others)
  • Reason for (string)
  • Email Address (string)
  • Phone/Extension No.(string)
-Account info-
  • Account ID (string)
  • 2nd choice (string)
  • Issued ID (string)
  • Password (string)
  • Personnel (user)
-Approver info-
  • Approver (string)
  • Approver (User)
-Control-
  • Issued Authorization Code (numeric)
  • Rejection (select) (approve/Reject)
-Communications-
  • Correspondence (discussion)

In this Workflow, applicant is identified as him or herself and his or her e-mail address, by sending an "authorization code" before giving "temporary password" and checking the code in other way.

That is, 'arbitrary number' is sent to the email address specified by account user at Task [2. Authorization Code issuance]. At Task [3. Input from Hearing], IT staff checks the number (authorization code) by hearing directly from account user, by phone or meeting him or herself or other way that making sure hearing from who.  And only when the number issued is equal to the number heard, temporary password is delivered. In other word it is "a system never allow 'illegal issuance' unless many people conspire together"

In addition, an internal control point of view, the task to ensure that "Temporary Password" has been changed by the user him/herself within a day after issuing is indispensable. So retention at the Task [4. Check P.W.Change] must being watched carefully.

<Mail setting>


<Similar Models>