HP Remote Device Access Security Overview for A.05.30 (December 2009)

Figure 1-1 Virtual CAS
1.5 Access Control Details
1.5.1 Access control on the HP side
HP manages all remote access customers in an internal portal called Remote Access Portal. Customers and
their connection data are centrally and securely managed via this central portal. Each customer can be
associated with individual access rights so that narrow access permissions for this customer can be enforced,
matching your security and access permission needs. The Remote Connectivity Database is the central place
where the configuration data and access permissions are stored.
Any HP Support specialist must authenticate to the HP RDA Infrastructure (RAPS, RCTS and RACS) using
HP-issued X.509 certificates, internally called Class A DigitalBadges, that employ two-factor authentication.
The HP support specialist must have a physical ActivKey or ActivCard which is enabled by a password or
passphrase. This is a physical handheld token issued to appropriate HP support personnel, and issuance is
controlled by HP business and security policies.
The RAP displays the customer network configuration data, possible CASii and customer target systems
only if the support specialist is allowed to access the customer.