The aim of this thesis was to implement a one-time password system for SSL VPN connection authentication into operation for an ICT company located in Oulu. Before the beginning of this thesis the company had decided to use Entrust IdentityGuard system to provide strong authentication. For system operation the company had bought multiple token key rings, user access licenses for a required number of company employees and soft token software licenses.

The theoretical background of the thesis deals with data security and operation of required secondary systems witch the solution uses to operate. Data security is discussed in more detail regarding parts of data security in the company, data security policy as well as person identification and authentication. Operational secondary systems are proxy servers, directory services and VPN connections.

The main purpose of the system is obeying company security policy of strong authentication when an employee uses company private network resources from outside of company premises. The first step of authentication is performing authentication from Active Directory. The second step is completing authentication in IdentityGuard system. As a result of this thesis the company has taken into use a system that raises the level of data security significantly.