pg_hdr
Sevan Networks Logo Identity Authentication for Web Security
home solutions products white papers about us
"The product relies on public key authentication to increase user convenience and strengthen security. However, deployment and management are simple and the cost of ownership is low because the product doesn’t require an infrastructure like other public key based solutions."

-- Matthew Kovar, CFA,            Yankee Group

Application Integration Options

Some web applications require authenticated information about the user. This might be the user's name, account number, or organizational affiliation.

The WSA can optionally pass user-specific information to an application through cookies, HTTP basic authentication, and URL mapping. The application trusts this information because it is based on the WSA's authentication of the user's identity.

For each application the administrator configures the value of the user-specific information and how that information is to be passed to the application. A user might have his account number passed to one application as a cookie and his name and department to another though a URL.

Application integration provides the best of both worlds: security is separated from the application, but the applications can securely benefit from identity-specific user information.

Benefits:

  • Passing user-specific information in HTTP headers provides a quick way of converting applications with HTTP basic authentication to certificate-base authentication.

  • Passing user-specific information in cookies provides a quick way of strengthening applications that use cookies to track users.

  • Identity-specific URL mapping provides a robust mechanism for personalizing web sites. This feature allows the WSA to direct each user to his own set of web pages without exposing the URLs of those pages to the Internet. Furthermore, the WSA absolutely prevents one user from accessing another user's page.

Copyright 2002-2009 Sevan Networks, Inc. All Rights Reservedd