Solution Brief Two Factor Authentication
User Manual: Solution-Brief-Two-Factor-Authentication of /wp-content/uploads/2013/05
Open the PDF directly: View PDF .
Page Count: 4
Download | ![]() |
Open PDF In Browser | View PDF |
Solution Brief : Two-Factor Authentication Place graphic in this box The Password as you Know it is Dead: Challenges • With recent increases in processing power and the ability to outsource password cracking to the cloud, password-only based authentication is no longer sufficient to secure your critical data. • There are currently four ways to manage passwords, none of which are completely infallible. This necessitates the need for businesses to investigate multiple factors of authentication. Welcome to the World of Two-Factor Authentication In 2012, researchers at Fortinet’s FortiGuard Labs published a report that predicted a marked increase in businesses migrating to two-factor authentication in 2013. Three months into the New Year, after a data breach forced the company to reset 50 million of its users’ passwords, Evernote announced plans to adopt two-factor authentication as a better means of securing its users’ data. Other companies that have also recently made that transition include Amazon, Apple, Dropbox, eBay, Facebook, Google and Microsoft. According to TechNavio, the global two-factor authentication market is expected to grow 20.8% between 2011-2015 (1). According to Markets and Markets, the multi-factor authentication market will reach $5.45 billion by 2017(2). Finally, Fortinet’s FortiAuthenticator platform, which complements the FortiToken range of two-factor authentication tokens for secure remote access, has recently seen triple digit growth. Objectives • Understand the multiple factors of authentication available today, the pros and cons of each and determine the best ones to choose for your environment and unique business requirements. Implementing two-factor authentication Why Single Factor Authentication is Doomed “In the early days of Internet authentication, plain text passwords were often sufficient, as the number of threat vectors were minimal and processing horsepower and password repositories weren’t readily available to just anyone,” said Richard Henderson, security strategist and threat researcher for Fortinet’s FortiGuard Labs. “As newer password cracking tools, faster processors and always-on Internet connections arrived, plain text passwords started to come under fire. With the advent of cloud cracking services, such as Cloud Cracker, which leverages the power of distributed computing, 300 million password attempts can be made in as few as 20 minutes for around www.fortinet.com lets you solve network authentication security problems affordably by adding a second factor for strong authentication. You cannot always trust your users with your network security. Relying solely on static passwords for remote access to your VPN and web sites provides only weak authentication, because your users’ passwords are vulnerable to theft or guessing, as well as dictionary and brute-force attacks. 1 Solution Brief : Two-Factor Authentication $17, meaning even a strong, encrypted password can be cracked with a little patience.” There are basically four ways to manage network passwords today and none of them are invulnerable on their own: 1. Plain Text: This is the weakest method of password management, because if an attacker manages to steal a plain text password file, the passwords of the server’s user accounts can be easily swiped. The Australian Tax Office (ATO), The UK’s Government Communications Headquarters (GCHQ) and retailer Tesco are all recent examples of companies that have been breached and subsequently admitted to storing their passwords in plain text. 2. Basic Encryption: This approach encrypts and stores an individual password (known as a “hashed” file). However, a stolen file that’s been hashed once really isn’t that much more secure than storing the password in plain text. Advances in CPU speeds and the availability of new password cracking software and both lookup and rainbow tables (precalculated tables of values that can be cross-referenced) means that it’s only a matter of computing resources and time before most hashed password files are broken open. 3. Random String Encryption: This adds a random string to each password and then encrypts that value, which prevents an attacker from storing tables of precalculated values and looking for matches (this is known as a “salted hash”). Salted hashes aren’t infallible, though: if the salt used is too short, or if the same salt has been used to salt all passwords, then it’s possible to crack them open relatively easily. 4. Multiple Encryption Passes: This refers to the ability to encrypt an already encrypted value. The process, also referred to as “stretching,” enables a value to be encrypted multiple times. However, there is much debate about whether this greatly improves security or not. “Salted hashes and stretches are more secure than plain text or encrypted passwords for the time being,” Henderson continued. “However, the ability 2 to utilize the incredible power in today’s CPUs means that it’s likely just a matter of when and not if these types of encryption of passwords fall. Keep in mind that given enough time and resources, no type of password encryption is infallible.” Adding Another Factor of Authentication Two–factor authentication, also referred to as multifactor authentication, strong authentication and 2-step verification, consists of two of the following three methods of authentication: • Something a user “knows:” This can be a password, challenge question or finger swipe movement over the face of a mobile device. This is commonly known as a knowledge factor. • Something a user “has:” This can consist of a small hardware device, such as a smart card, USB key fob or a keychain dongle or a smartphone token, which generates a unique one-time password that’s sent to or generated by an application on a user’s mobile phone. This is known as a possession factor. • Something a user “is:” This typically involves a biometric reader that detects something that validates something uniquely personal, such as a fingerprint, iris or voice. This type of authentication is known as an inherence factor. The following user authentication options represent a few the most popular solutions available today along with a few of their pros and cons. Passwords The best thing about a password is that it’s something a user knows or is easily remembered. It’s the easiest (and least expensive) authentication option to implement from an IT perspective and a user doesn’t need to possess an extra piece of hardware in their pocket or wallet. On the other hand, if a password is not complex enough, it can be easily guessed. If it’s too complex, it could be forgotten. If a computer has been compromised with a botnet using a key logger, any password is easily swiped. Managing multiple passwords for multiple Websites is cumbersome. Software www.fortinet.com Solution Brief : Two-Factor Authentication password crackers can crack simple passwords in minutes and cloud cracking services can crack complex passwords in a few hours. Smartphone Tokens card can break. Biometrics Hardware Tokens There are two types of biometric user authentication: physiological includes fingerprint, facial, iris, retina and hand geometry scans and behavioral includes voice recognition, gates, keystroke/signature scans. The main advantage to biometric authentication is that authentication is coded to an individual, so there’s no need to remember a complex password or carry another hardware device. On the other hand, these types of measurements are based on patterns and patterns hardly ever match precisely, which opens possibility for false positives and false negatives. A pattern recognition that is too lax could allow the wrong user into a system. One that’s too strong could prevent a legitimate user from accessing a system. Smartphone tokens are a lot like hardware tokens except that the authentication password is sent Smart Cards to or generated by an application on the user’s There are two types of smart cards (memory and mobile phone. The benefit to this approach is that a user doesn’t need to carry around an microprocessor). The advantages of these cards are that their small, thin form factor makes them extra piece of hardware in their wallet or pocket. Like hardware tokens, easy to carry around in a they’re more secure than wallet or a pocket, and passwords, and there’s they can store a user’s no need for a user to identity and PIN. The cons remember complex are that they require a passwords. However, reader on the computing like hardware tokens, device, those readers smartphone tokens are could conceivably be not impenetrable against compromised, the hackers. FortiGuard Labs cards must be issued has studied instances of and tracked, they can the Zitmo Android botnet be easily lost, stolen or watching for two-factor shared, they must be in authentication codes a user’s possession to Fortinet’s FortiToken-200 Provides Hardware-Based Authentication for Your Network and sharing them with access the computing a command and control device, it becomes server. locked after a number of bad attempts, and the Like smart cards, hardware tokens have many of the same pros and cons. Hardware tokens are more secure than passwords and more secure than smartphone tokens, as they’re less susceptible to key logging hacks or other forms of malware designed to steal authentication credentials; they can be used for login and transaction authentication and users don’t have to remember complex passwords. On the other hand, hardware tokens come at an additional cost (for the dongle itself as well as any additional software and hardware needed to manage the authentication), they must be in the possession of the user at login, multiple tokens may be required to access multiple Websites. Hardware tokens can be hacked though, as was the case with RSA’s SecurID back in 2011. Two-Factor Authentication Best Practices Protecting sensitive data online by using multiple www.fortinet.com 3 Solution Brief : Two-Factor Authentication factors of authentication is the best policy for ensuring the safety and integrity of data. However, when matching authentication methods to your needs, don’t assume that any two methods will work for your particular purpose. It should be noted that, while two-factor authentication can offer greater protection, there are two types of attacks (masquerade and session hijacking) that can undermine any type of authentication. A masquerade attack is exactly what it sounds like: an attack that’s able to assume a falsely-claimed digital identity and thus bypass the authentication mechanism. Session hijacking, also known as TCP session hijacking, happens when an attacker surreptitiously obtains a session ID and takes control of an already authenticated session. It’s important to note that no two-factor authentication strategy can protect against a session hijack – ensuring all data is transmitted using SSL and HTTPS will help mitigate the chances of session hijacking taking place. One important thing to keep in mind when planning out an authentication strategy: some types of two-factor authentication are stronger than others. In some cases, even a single factor may be inherently more secure than some two-factor implementations: a scan of the veins in a user’s hands will be more secure than a simple password and one-time password card. Before You Buy Some factors you want to consider before purchasing a solution to implement two-factor authentication: The tool’s ease of use: How hard is it going to be to train your IT staff in its day-to-day operation? GLOBAL HEADQUARTERS Fortinet Inc. 1090 Kifer Road Sunnyvale, CA 94086 United States Tel: +1.408.235.7700 Fax: +1.408.235.7737 www.fortinet.com/sales How much work will it take for initial setup and roll-out? Integration with the existing software platform: will the solution “drop-in” into your existing infrastructure? Will any custom software development be required to integrate the solution? Ability to meet security requirements/regulatory compliance: does your line of business or industry have any unique regulatory or reporting requirements that may require a certain type of implementation? Will choosing a specific solution meet those requirements? The security of the tool itself: is the encryption algorithms used strong enough for your needs? Vendor support: what sort of support or assistance can you expect from the developer of your solution? Cost: what’s the per-user cost to implement? Maintenance contracts? Additional costs to support the implementation at the Help Desk? Future flexibility: will upgrades be available? Two-factor authentication is an idea that is ready for wide-scale adoption. At FortiGuard, we believe the best way to keep a network and its users safe is to use technologies like two-factor authentication as part of a multi-layered security strategy. Adding two-factor authentication provides another layer of solid protection on top of any current security infrastructure. Footnotes: (1):http://www.prbuzz.com/technology/95904-new-research-ontwo-factor-authentication-market.html (2):http://www.marketsandmarkets.com/PressReleases/multifactor-authentication.asp EMEA SALES OFFICE 120 rue Albert Caquot 06560, Sophia Antipolis, France Tel: +33.4.8987.0510 Fax: +33.4.8987.0501 APAC SALES OFFICE 300 Beach Road 20-01 The Concourse Singapore 199555 Tel: +65.6513.3730 Fax: +65.6223.6784 LATIN AMERICA SALES OFFICE Prol. Paseo de la Reforma 115 Int. 702 Col. Lomas de Santa Fe, C.P. 01219 Del. Alvaro Obregón México D.F. Tel: 011-52-(55) 5524-8480 Copyright© 2013 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, and FortiGuard®, are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance metrics contained herein were attained in internal lab tests under ideal conditions, and performance may vary. Network variables, different network environments and other conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinet’s General Counsel, with a purchaser that expressly warrants that the identified product will perform according to the performance metrics herein. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests. Fortinet disclaims in full any guarantees. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable. www.fortinet.com 4
Source Exif Data:
File Type : PDF File Type Extension : pdf MIME Type : application/pdf PDF Version : 1.4 Linearized : Yes Tagged PDF : Yes XMP Toolkit : Adobe XMP Core 5.2-c003 61.141987, 2011/02/22-12:03:51 Create Date : 2013:04:11 13:35:31-07:00 Metadata Date : 2013:04:11 13:35:32-07:00 Modify Date : 2013:04:11 13:35:32-07:00 Creator Tool : Adobe InDesign CS5.5 (7.5.2) Page Image Page Number : 1, 2 Page Image Format : JPEG, JPEG Page Image Width : 256, 256 Page Image Height : 256, 256 Page Image : (Binary data 11423 bytes, use -b option to extract), (Binary data 12530 bytes, use -b option to extract) Instance ID : uuid:0bb16cd5-cfb7-0a4d-8f11-dfdaedd0105e Document ID : xmp.did:2C41FF8B072068118C14AA79FB29BC79 Original Document ID : xmp.did:F77F11740720681192B0BAF291DBA986 Rendition Class : proof:pdf History Action : created, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved, saved History Instance ID : xmp.iid:F77F11740720681192B0BAF291DBA986, xmp.iid:F97F11740720681192B0BAF291DBA986, xmp.iid:FA7F11740720681192B0BAF291DBA986, xmp.iid:FD7F11740720681192B0BAF291DBA986, xmp.iid:008011740720681192B0BAF291DBA986, xmp.iid:3990C44B2520681192B0BAF291DBA986, xmp.iid:3A90C44B2520681192B0BAF291DBA986, xmp.iid:3B90C44B2520681192B0BAF291DBA986, xmp.iid:3C90C44B2520681192B0BAF291DBA986, xmp.iid:3E90C44B2520681192B0BAF291DBA986, xmp.iid:3F90C44B2520681192B0BAF291DBA986, xmp.iid:4290C44B2520681192B0BAF291DBA986, xmp.iid:7A47FDE12A20681192B0BAF291DBA986, xmp.iid:7D47FDE12A20681192B0BAF291DBA986, xmp.iid:7E47FDE12A20681192B0BAF291DBA986, xmp.iid:8247FDE12A20681192B0BAF291DBA986, xmp.iid:8347FDE12A20681192B0BAF291DBA986, xmp.iid:3A2FB4AC3020681192B0BAF291DBA986, xmp.iid:F77F1174072068118C14E50E823E7B75, xmp.iid:FB7F1174072068118C14E50E823E7B75, xmp.iid:00801174072068118C14E50E823E7B75, xmp.iid:76D56C660B2068118C14E50E823E7B75, xmp.iid:7BD56C660B2068118C14E50E823E7B75, xmp.iid:65E6C4FD0B2068118C14E50E823E7B75, xmp.iid:6AE6C4FD0B2068118C14E50E823E7B75, xmp.iid:81BBFB9C1D2068118C1488E6C99279E4, xmp.iid:535821C8202068118C1488E6C99279E4, xmp.iid:545821C8202068118C1488E6C99279E4, xmp.iid:87AE5946212068118C1488E6C99279E4, xmp.iid:88AE5946212068118C1488E6C99279E4, xmp.iid:9EE1D4BF212068118C1488E6C99279E4, xmp.iid:CAE485A4242068118C1488E6C99279E4, xmp.iid:D1E485A4242068118C1488E6C99279E4, xmp.iid:D4E485A4242068118C1488E6C99279E4, xmp.iid:64EA1B5F252068118C1488E6C99279E4, xmp.iid:65EA1B5F252068118C1488E6C99279E4, xmp.iid:6AEA1B5F252068118C1488E6C99279E4, xmp.iid:05801174072068118C148F1DB12847B9, xmp.iid:06801174072068118C148F1DB12847B9, xmp.iid:07801174072068118C148F1DB12847B9, xmp.iid:7FBAE667082068118C148F1DB12847B9, xmp.iid:694E56B6082068118C148F1DB12847B9, xmp.iid:6A4E56B6082068118C148F1DB12847B9, xmp.iid:6F4E56B6082068118C148F1DB12847B9, xmp.iid:704E56B6082068118C148F1DB12847B9, xmp.iid:5A0828C2212068118C148F1DB12847B9, xmp.iid:FB7F1174072068118C14AA79FB29BC79, xmp.iid:FC7F1174072068118C14AA79FB29BC79, xmp.iid:2A41FF8B072068118C14AA79FB29BC79, xmp.iid:2B41FF8B072068118C14AA79FB29BC79, xmp.iid:2C41FF8B072068118C14AA79FB29BC79, xmp.iid:19B8B0C6082068118C14AA79FB29BC79, xmp.iid:1AB8B0C6082068118C14AA79FB29BC79, xmp.iid:0B9A7BC90D20681188C68DCC81D9EBDA, xmp.iid:0C9A7BC90D20681188C68DCC81D9EBDA, xmp.iid:3C7166620E20681188C68DCC81D9EBDA, xmp.iid:76E4F1830E20681188C68DCC81D9EBDA, xmp.iid:F17F117407206811822AA9FFED3E8BFA, xmp.iid:F27F117407206811822AA9FFED3E8BFA, xmp.iid:52AEE09C07206811822AA9FFED3E8BFA, xmp.iid:05801174072068118083862AE11EFF16, xmp.iid:1C16996F092068118083862AE11EFF16, xmp.iid:2216996F092068118083862AE11EFF16, xmp.iid:133C86320B2068118083862AE11EFF16, xmp.iid:143C86320B2068118083862AE11EFF16, xmp.iid:1A3C86320B2068118083862AE11EFF16, xmp.iid:1B3C86320B2068118083862AE11EFF16, xmp.iid:FC7F117407206811822AAA7D17F576AD, xmp.iid:CEA3F7DD08206811822AAA7D17F576AD, xmp.iid:D5A3F7DD08206811822AAA7D17F576AD, xmp.iid:FD7F1174072068118083E3D402813828, xmp.iid:05801174072068118083C80B16CFAE29, xmp.iid:05801174072068118083BB232B0EEF68, xmp.iid:05801174072068118083C7E914DD3CB8 History When : 2012:03:27 10:46:37-07:00, 2012:03:27 11:12:58-07:00, 2012:03:27 11:12:58-07:00, 2012:03:27 11:25:33-07:00, 2012:03:27 11:27:20-07:00, 2012:03:27 14:20:15-07:00, 2012:03:27 14:29:38-07:00, 2012:03:27 14:43:48-07:00, 2012:03:27 14:48:01-07:00, 2012:03:27 14:48:01-07:00, 2012:03:27 15:00:07-07:00, 2012:03:27 15:00:07-07:00, 2012:03:27 15:00:14-07:00, 2012:03:27 15:00:14-07:00, 2012:03:27 15:01:30-07:00, 2012:03:27 15:40:17-07:00, 2012:03:27 15:41:42-07:00, 2012:03:27 15:41:42-07:00, 2012:04:18 14:01:24-07:00, 2012:04:18 14:01:24-07:00, 2012:04:18 14:19:48-07:00, 2012:04:18 14:29:39-07:00, 2012:04:18 14:30:49-07:00, 2012:04:18 14:33:53-07:00, 2012:04:18 14:35:59-07:00, 2012:04:19 13:56:39-07:00, 2012:04:19 13:57:34-07:00, 2012:04:19 13:58:03-07:00, 2012:04:19 14:01:06-07:00, 2012:04:19 14:03:32-07:00, 2012:04:19 14:14:13-07:00, 2012:04:19 14:25:12-07:00, 2012:04:19 14:30:06-07:00, 2012:04:19 14:30:25-07:00, 2012:04:19 14:30:25-07:00, 2012:04:19 14:30:38-07:00, 2012:04:19 14:30:38-07:00, 2012:11:14 13:30:34-08:00, 2012:11:14 13:30:34-08:00, 2012:11:14 13:37:23-08:00, 2012:11:14 13:37:23-08:00, 2012:11:14 13:40:17-08:00, 2012:11:14 13:40:23-08:00, 2012:11:14 13:40:23-08:00, 2012:11:14 16:38:52-08:00, 2012:11:14 16:38:52-08:00, 2012:11:16 12:38:16-08:00, 2012:11:16 12:38:16-08:00, 2012:11:16 12:38:57-08:00, 2012:11:16 12:39:06-08:00, 2012:11:16 12:39:06-08:00, 2012:11:16 12:47:45-08:00, 2012:11:16 12:47:45-08:00, 2012:11:29 16:13:52-08:00, 2012:11:29 16:13:52-08:00, 2012:11:29 16:15:11-08:00, 2012:11:29 16:16:07-08:00, 2013:04:01 13:50:59-07:00, 2013:04:01 13:50:59-07:00, 2013:04:01 13:52:07-07:00, 2013:04:09 22:55:29-07:00, 2013:04:09 23:09:41-07:00, 2013:04:09 23:21:56-07:00, 2013:04:09 23:22:17-07:00, 2013:04:09 23:24:59-07:00, 2013:04:09 23:28:18-07:00, 2013:04:09 23:33:28-07:00, 2013:04:11 13:18:21-07:00, 2013:04:11 13:28:28-07:00, 2013:04:11 13:28:55-07:00, 2013:04:11 13:30:01-07:00, 2013:04:11 13:31:10-07:00, 2013:04:11 13:32:13-07:00, 2013:04:11 13:35:24-07:00 History Software Agent : Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.0, Adobe InDesign 7.5, Adobe InDesign 7.5, Adobe InDesign 7.5, Adobe InDesign 7.5, Adobe InDesign 7.5, Adobe InDesign 7.5, Adobe InDesign 7.5, Adobe InDesign 7.5, Adobe InDesign 7.5, Adobe InDesign 7.5, Adobe InDesign 7.5, Adobe InDesign 7.5, Adobe InDesign 7.5, Adobe InDesign 7.5, Adobe InDesign 7.5, Adobe InDesign 7.5, Adobe InDesign 7.5 History Changed : /;/metadata, /metadata, /;/metadata, /;/metadata, /;/metadata, /;/metadata, /;/metadata, /metadata, /;/metadata, /metadata, /;/metadata, /metadata, /;/metadata, /;/metadata, /;/metadata, /metadata, /;/metadata, /metadata, /;/metadata, /;/metadata, /;/metadata, /;/metadata, /;/metadata, /;/metadata, /;/metadata, /;/metadata, /;/metadata, /;/metadata, /;/metadata, /;/metadata, /;/metadata, /;/metadata, /metadata, /, /metadata, /;/metadata, /;/metadata, /metadata, /metadata, /;/metadata, /;/metadata, /metadata, /;/metadata, /metadata, /;/metadata, /;/metadata, /metadata, /;/metadata, /metadata, /, /;/metadata, /metadata, /;/metadata, /metadata, /;/metadata, /;/metadata, /;/metadata, /metadata, /;/metadata, /;/metadata, /;/metadata, /;/metadata, /;/metadata, /;/metadata, /;/metadata, /;/metadata, /;/metadata, /;/metadata, /;/metadata, /;/metadata, /;/metadata, /;/metadata, /;/metadata Derived From Instance ID : xmp.iid:2B41FF8B072068118C14AA79FB29BC79 Derived From Document ID : xmp.did:5A0828C2212068118C148F1DB12847B9 Derived From Original Document ID: xmp.did:F77F11740720681192B0BAF291DBA986 Derived From Rendition Class : default Doc Change Count : 3566 Format : application/pdf Producer : Adobe PDF Library 9.9 Trapped : False Page Count : 4 Creator : Adobe InDesign CS5.5 (7.5.2)EXIF Metadata provided by EXIF.tools