REPRIEVE - makes SAFEGUARD PCI compliant in regard to the management of frozen users, and prevents a Denial-of-Service attack, caused by the AUTHENTICATE_FAIL_FREEZE setting in SAFEGUARD
The PCI paper discusses under point 8.5.13 the need to lock out a user when six authentication attempts have failed. Under Point 8.5.14, the lock-out time is specified: Set the lockout duration to thirty minutes or until the administrator re-enables the user ID.
These requirements cannot be satisfied with current SAFEGUARD features.
Actually, SAFEGUARD supports two different penalty schemes:
The current change request is to be able to configure:
The solution is REPRIEVE from GreenHouse:
REPRIEVE is a program controlled by the $ZZKRN process. It keeps an eye on the user-ID files and recognizes any change of a user. When a user becomes frozen, REPRIEVE starts a timer for this user, and thaws her/him automatically when the timer times out. All variables, such as
can be configured.
The configuration is done through a small EDIT type file (standard), or can be done through the REPRIEVE module of iWAMS, the web based management system from GreenHouse.
The configuration can be changed at run time.
Four steps to your free trial license:
Data protection: If you contact us via the order trial form, your details will be taken from the form including the contact details provided by you for the purpose of processing the request and in case of follow-up questions stored with us. We do not give this data without yours consent continues.