
CASQUE provides components to build secure systems with Strong Authentication, Authorisation and Key Update on local or wide area networks or the World Wide Web.
CASQUE seeks to provide the highest integrity security solution that controls access to remote computer systems by users having something unique (the CASQUE Responder Token) and knowing something associated (user login and password).
CASQUE Systems are administered completely in-house by non-security experts and are capable of providing definable risk assessment and supporting the highest levels of assurance.
CASQUE starts with a methodology - it has a complete abstract syntax of challenge and response messages allowing various security applications to be implemented including strong authentication.
In designing CASQUE, DMS set out to construct a methodology that could be used to address several security and administrative requirements:
- Strong Authentication: the system must provide ultimate verification of the user requesting access. Such verification must preclude a defence of 'unknowingly compromised' if their login and password or private key has been used to commit a fraudulent or illegal act.
- Platform Independent Remote Access Provision: the system must allow high security remote access, available without the need for platform specific hardware, e.g. card readers or biometric devices.
- Easy Integration into Existing Applications: the system should be easy to integrate, allowing its use with all existing and future software systems and protocols.
- Ease of Operation by End User: the system must be simple to operate, so that the end user requires very little training, and it must interfere minimally with the user transaction interface.
- Ease of Administration: the system must allow simple update and control of access privileges by internal system administrators.
- Defined Performance: the processing overhead must be calculable, so that performance can be guaranteed for, say, 20,000 users all logging in at 9am.
- Scaleable Risk Assessment: the system must be adjustable to match the threat level: the Responder keys can be changed, in a way transparent to users, at chosen intervals. Random data is only used once and random data files are superseded at definable intervals.
- Compromise Recoverability: the system can recover easily from Responder compromise or main Server compromise. There is a portion (SAS) completely separate from the network.