 |
Using e-Tokens
An e-Token with a Public Key Infrastructure (PKI) security certificate provides two-factor authentication, thereby reducing the chances of someone being able to impersonate you. Someone would need both your e-Token and your password in order to impersonate you when accessing systems that require e-Token authentication.
e-Tokens allow you to: access the Agent's control panel of iCAN network.
About e-Tokens
An e-Token is a device that plugs into a USB port on your computer. It is designed to hold a Public Key Infrastructure (PKI) security certificate, which is an electronic certificate that uniquely identifies individuals to computers. A rough analogy would be that an e-Token is part of an electronic Identification Card that is completed or enabled when you enter your password. The e-Token is about the size of a house key and can be kept on your key ring.
Obtaining an e-Token
The agents are obtaining e-Token device with the general contract. They can purchase additional an e-Token from iCAN head office, located in #41 Al Amarat 7th street .
Installing the e-Token Software
The Aladdin e-Token software must be installed for your e-Token to work on a computer.
You may downlaod it from this link
Aladdin e-Token Software
Configuring Your Web Browser
The e-Token is compatible with the Internet Explorer, Firefox, Safari, Mozilla and Netscape. Other web browsers that support the PKCS#11 interface may also work.
Regardless of which browser you use, you will need to have the iCAN Root Certificate installed on your computer. If the iCAN Root Certificate has not already been installed on your computer, see the instructions for Getting the iCAN Root Certificate.
Acquiring a Private Certificate
To obtain an e-Token and have the electronic certificate installed on your e-Token, the agents must first obtain or purchase one from iCAN head office at #41 Al Amarat st. 7. After purchasing the e-Token, go to the Student iCAN Service Desk (Help Desk) at 172 Carson Hall. Faculty and staff should contact their department's IT support office. Everyone needing a certificate on their e-Token will need to show original or copy of their Agent contract and I.D. card or other form of picture identification, such as a driver's license or passport, to verify that you are the person whose name is going to be put on the e-Token.
Your e-Token password is important. For help with selecting a good password, see "Password rules and requirements". If you want to change the password on your e-Token sometime in the future, go to the e-Token Properties application in your Programs or Applications listing and change it, but be sure to keep the password strong. This does not affect the value of the private key on the e-Token, just access to the other information on the e-Token.
Acquiring the iCAN Root Certificate
To use your personal certificate, you may also need to install the iCAN Root Certificate in your web browser’s certificate store. This root certificate helps your computer determine whether iCAN-issued certificates are trustworthy.
Go to the iCAN Root CA web page and follow the instructions below, depending on which browser and operating system you are using. Note: if you use Firefox or Netscape, you have to import the root certificate for each browser.
Safari
Under the "Download certificates" section of the iCAN Root CA web page, click the iCAN CertAuth1 CA (iCAN Root CA) link. The Downloads window will open showing that iCANCA.cer has been downloaded to your default download location. Drag and drop the certificate file onto the Keychain Access icon in the Applications/Utilities folder. The Keychain Access application opens and you are prompted to add the certificates from the file to a Keychain. For Mac OS X 10.4 and earlier, select the X.509 Anchors keychain. For Mac OS X 10.5, select the System keychain. Keychain Access will now contain the iCAN College Root certificate. Quit the Keychain Access application.
Firefox
Under the "Download certificates" section of the iCAN Root CA web page, click the iCAN CertAuth1 CA (iCAN Root CA) link. A Downloading Certificate box will open. Put a check mark beside each of the three options in the center of the box, then click OK.
Using Your e-Token
For normal use, insert the e-Token into a USB port on your computer before you start your applications. The red LED light on the e-Token will flash while loading, then stay on once loaded. When an individual application requires the use of a certificate in the e-Token, a box will appear asking for the password for the e-Token. Each separate application requires entering the password to unlock your certificate on the e-Token. Most applications will only ask for the password once per session.
When you are finished using your e-Token, simply unplug it from the computer’s USB port.
You will select a password when configuring the e-Token. It is not related to any other password, and should be different from your DND password. Do not forget the password or enter the wrong password more than 15 times in a row. If you do, the e-Token will become unusable and require reformatting (you will need to go to the iCAN Service Desk (Help Desk) to have it reformatted or you can contact your department's IT support office). This is a security feature that prevents misuse of lost or stolen e-Tokens. You may, however, change the password by using the Aladdin e-Token Properties program, which has to be installed on your computer for the e-Token to work.
What Can Be Done with an e-Token
With your e-Token, you can:
Access protected Agent's Control Panel that are protected by e-Token access.
Maintaining Your e-Token
You can use the Aladdin e-Token Properties application to change your e-Token's password or name, to view the contents of your e-Token, and remove keys and certificates from it. If it is not already on your computer, you can download it from the Web; see Aladdin e-Token Runtime Environment.
If you remove your certificate from your e-Token, a new certificate can be installed for you onto your e-Token; please contact the iCAN Service Desk (Help Desk) at 092 6687726 and select from the options provided, or call your department's IT support office.
Try not to get the e-Token wet or dirty. If it gets wet, dry it out before using it.
|
|
|
|
|
|
