OneID Access

Secure Remote Access with decentralized credentials and centralized management 


Enable your digital transformation with confidence

OneID Access enables efficient and secure digital transformation with a practical solution that opens up greater possibilities for interactive remote access. The OneID Access solution has the capability to revolutionize how remote access is performed and secured for remote workers (IT) and remote management (IT/OT). OneID Access moves authentication policies to an automated, hardware-based solution which eliminates vulnerabilities and is less costly to administer than complicated and insecure software-based strategies for secure remote access. The solution also includes the option for hardware-based access control within a building or plant, providing seamless logical and physical controls. Near real-time monitoring of access to components and systems within an organization, coupled with session control, provides confidence when enabling remote access.


OneID Access enables NIST Authenticator Assurance Level 3

 

  • Decentralized credentials (Securely stores user credentials locally in one or more OneID Cards)

  • Securely stores keys and certificates for cryptographic validation of identity, encryption of communication and data-at-rest, and cryptographic validation of transactions

  • Connects OneID Card to any device through USB, Bluetooth, or NFC delivering exceptional ease of use

  • Provides a remote access client Virtual Machine that is hardened against a compromised host

  • Managed patches on appliances

  • Access controlled by a Supervisor or Administrator

  • Real-time shadowing of Remote Access User actions

  • Full audit trail of all activities


EPRI and OneIDLab Co-development of OneID Access:

The Electric Power Research Institute (EPRI) and OneIDLab have joined forces to solve one of the most pressing issues for Operational Technology (OT) within Critical Infrastructure. With Zero Trust in mind from the beginning, together we have developed OneID Access as a risk-informed solution to secure remote access across the logical boundary. This is of paramount importance to the industry because of the rapid adoption of automation and complex digital systems, driven by increasing pressure to improve performance and reduce costs. These drivers require remote access by specialized experts, all at a time of increasingly sophisticated cyberattacks. OneID Access was co-developed in alignment with EPRI’s Interactive Remote Access Guidance.


Built to secure Operational Technology

 

Engineered from the ground up, OneID Access was built to secure Operational Technology workflows within Critical Infrastructure including data acquisition, control system maintenance and operation, and automation. With the goal of delivering the industry’s most secure remote access solution, OneID Access enables the following business objectives:

 

  • Lower O&M cost through reduced need for on-site engineering and technicians. 

  • Improved business agility and system resilience with secure access for technical experts including trusted vendors.

  • Reduced risk of downtime and system damage with secure access for real-time monitoring and maintenance.

OneID Access high security and ease of use


Step 1: The engineer selects the critical infrastructure system for secure remote access and sends a request to the supervisor. This request is securely initiated with the OneID Card.


Step 2: The supervisor receives the access request from the engineer and OneID Access evaluates the request for geographic and timing irregularities while ensuring the request is in line with the access policy. This analysis is shared with the supervisor for rapid assessment of appropriate authorization.


Step 3: The engineer receives confirmation to securely access the approved critical infrastructure remotely. This remote access is provided via a client virtual machine that is hardened against a compromised host and provides real-time shadowing of the remote access user's actions. All actions are logged and reported via an audit trail.

About EPRI: Established to shape the future of electricity, EPRI provides thought leadership, industry expertise, and collaborative value to help the electricity sector identify issues, technology gaps, and broader needs that can be addressed through effective research and development programs for the benefit of society. Complementing OneIDLab’s advanced security technology and capabilities, EPRI brings deep expertise in operational technology and critical infrastructure to the partnership.

 

About OneIDLab: A spinout of Tyfone Inc., OneIDLab is an access management security company built on an IP portfolio of over 20 patents and nearly a decade of technology development with the US Department of Defense and the US Intelligence Community. OneIDLab enables the highest levels of hardware-based security while increasing agility and reducing operating costs by bringing decentralized identity-based encryption keys, coupled with strong provisioning, in an easy-to-deploy Zero Trust managed service. OneIDLab is laser-focused on securing OT and Critical Infrastructure.

 

Background on the development and solution application of OneID Access is showcased in the EPRI Journal.

 

https://eprijournal.com/wp-content/uploads/2018/11/New-Tool-Protect-Kingdom.pdf

 

The EPRI and OneIDLab collaboration project is a success story that has resulted in the development of a commercial product. The EPRI video below describes the problem and value proposition, and shows a demonstration of OneID Access filmed at EPRI’s Instrumentation and Control system facility:

 

https://www.youtube.com/watch?v=hbWO5Qzsbho&feature=emb_logo