Paradox Authentication service
Device Health Measurements for High Assurance Zero Trust Architectures
for paradox secure endpoints
protect access to critical web services with device health measurement, device identity and authentication
- Enforce cryptographic validation of device health and identity before allowing access to protected services
- Designed with UK Government for protecting high-threat environments
- Supports ADFS for enterprise service integration
- Health measurements use a hardware root of trust (TPM) and uniquely extend through all installed device software
The Paradox Authentication Service (PAS), is a network service (reverse proxy) that sits in front of one or more protected web services, transparently intercepting client requests to access those services.
PAS makes use of a secure Remote Attestation protocol to protect web services from access by endpoint devices that are not trustworthy.
When a device attempts to access the protected web service, the PAS server checks whether the device has recently provided proof of a successful Remote Attestation process proving valid device health measurements. If it has, it is given time-limited access to the protected web service. If not, the device is automatically redirected to complete Remote Attestation, and provide proof of success before it is permitted access.
Multiple PAS servers may be installed and configured on the network, each one protecting access to a different web service.
PAS may be integrated with ADFS for seamless enterprise service integration.
Want to find out how to better protect your network services?
Advantages
Security
Our PAS ensures that only devices with valid health measurements and identity are able to access your protected web services, providing a high level of security for your critical web services. It is designed with UK Government, specifically for protecting high-threat environments, ensuring that it provides superior security to standard security systems. PAS also supports ADFS, allowing for easy enterprise service integration. Trust in Becrypt to protect your most sensitive web services.
Benefits
Our Paradox Authentication Service provides a range of benefits, including the enforcement of cryptographic validation of device health and identity, making it much harder for hackers to gain access to your web services. Health measurements use a hardware root of trust (TPM) and uniquely extend through all installed device software, providing comprehensive coverage. Our service is also straightforward to set up and use, simplifying the secure management of your services.