AssureNet Pathways to Demo Web Page Authentication Technology at Interop; Web Defender Assures That Only Authorized Users Access Restricted Information.MOUNTAIN VIEW, Calif.--(BUSINESS WIRE)--Sept. 3, 1996-- AssureNet Pathways, Inc. (formerly Digital Pathways, Inc.), provider of a broad range of network information security solutions, will demonstrate its Web page authentication (1) Verifying the integrity of a transmitted message. See message integrity, e-mail authentication and MAC. (2) Verifying the identity of a user logging into a network. technology at the Interop networking trade show in September. A pre-alpha version of the first-of-its-kind security software product, called Web Defender, will be available to selected development partners in calendar Q4, 1996, and will join AssureNet's Defender Security Systems product line in early calendar Q1, 1997. Unlike static IDs and passwords that are used in many Web server products, the Web Defender uses Defender token technology for strong user authentication See authentication. , allowing companies to enhance the security and expand the capabilities of their Web sites by easily and cost-effectively assuring that only authorized users access proprietary information. How It Works Web resources are secured by encapsulating them in a Common Gateway Interface (CGI CGI in full Common Gateway Interface. Specification by which a Web server passes data between itself and an application program. Typically, a Web user will make a request of the Web server, which in turn passes the request to a CGI application program. ) wrapper A data structure or software that contains ("wraps around") other data or software, so that the contained elements can exist in the newer system. The term is often used with component software, where a wrapper is placed around a legacy routine to make it behave like an object. which provides an active defense against unauthorized access. Authentication is initiated between the Defender Session Manager and the AssureNet Defender Security Server (DSS (1) (Digital Signature Standard) A National Security Administration standard for authenticating an electronic message. See RSA and digital signature. (2) (Digital Satellite S ) upon entry to a secured Web environment. The two-factor challenge/response process then performs the authentication. Once authenticated, any request for a secure Web page will require that the CGI wrapper first obtain permission to deliver the Web resource to the user from the Defender Session Manager. The Defender Session Manager obtains final authority from the DSS, and delivers this decision to the CGI wrapper. Authentication using the DSS is only required once. The Session Manager keeps track of authenticated users and will allow them to access other Web resources for which they are authorized within the same session. Expanding Web Site Security The Web Defender will allow companies to require that employees, vendors, customers, and others pass rigorous one-time password (security) One-Time Password - (OTP) A security system that requires a new password every time a user authenticates themselves, thus protecting against an intruder replaying an intercepted password. OTP generates passwords using either the MD4 or MD5 hashing algorithms. authentication before viewing protected Web pages. When shipped, the Web Defender will be able to secure multiple web pages, provide page-level user authorization and provide an audit trail of each user authentication. While the first release of the Web Defender will use a hardware key, later versions will utilize a software token A software token is a type of two-factor authentication security device that may be used to authorize the use of computer services. Software tokens operate on a general purpose electronic device like a desktop computer, laptop, PDA, or mobile phone. tightly integrated with a browser as a plug-in. The Web Defender is targeted at organizations with well-defined sets of users who need to restrict access to confidential information Noun 1. confidential information - an indication of potential opportunity; "he got a tip on the stock market"; "a good lead for a job" steer, tip, wind, hint, lead via the Internet and intranets. It is not targeted at customers who need to provide transaction oriented electronic commerce services to consumers. "Organizations want to use Web technology while making sure important internal information stays secure," said Ted Haynes, vice president of product marketing for AssureNet. "By making one-time password authentication easy to use on the Web, AssureNet Pathways is allowing businesses, governments and non-profits to use the Internet and intranets in ways never before possible." Kathleen E. Harvey, senior analyst at the Datapro Information Services See Information Systems. Group, adds, "A Web access control product which provides security at the HTML HTML in full HyperText Markup Language Markup language derived from SGML that is used to prepare hypertext documents. Relatively easy for nonprogrammers to master, HTML is the language used for documents on the World Wide Web. document level would be an effective tool for the commercial market. It would allow organizations to set up a single Web site with a hierarchical security structure. Publicly accessible information would be at the base of the pyramid, then customers could have access to more information, followed by intranet-type company confidential information accessible by employees only. Finally, information shared by executives only would be at the top of the access control hierarchy. This structure, while similar to the military-type method of information classification, i.e. confidential, secret, top secret, eyes only Eyes only may refer to:
Expanding Web Site Capabilities Companies will use the Web Defender to keep confidential information, such as human resources The fancy word for "people." The human resources department within an organization, years ago known as the "personnel department," manages the administrative aspects of the employees. or financial data from being exposed to unauthorized employees. Hospitals can use the Web Defender to limit access to medical and billing records to only those people authorized to review them. Insurance companies will have the ability to distribute proprietary information to their agents and end users. Companies in many industries that use the product will be able to provide private, customized price quotes over the Web to selected customers, dealers, and sales personnel. The Web Defender can be used to protect simple information located on the server in HTML format as well as information provided through the Web from other applications and databases (Web-to-host access). The product will be available initially for Web servers running on Sparc Solaris Unix platforms and will be expanded to other Unix and Windows NT (Windows New Technology) A 32-bit operating system from Microsoft for Intel x86 CPUs. NT is the core technology in Windows 2000 and Windows XP (see Windows). Available in separate client and server versions, it includes built-in networking and preemptive multitasking. platforms over time. For additional information, please contact AssureNet by phone at 415/964-0707, by e-mail at sales@assurenetpathways.com, or access AssureNet's web site at www.assurenetpathways.com. System Requirements To be used efficiently, all computer software needs certain hardware components or other software resources to be present on a computer system. These pre-requisites are known as (computer) system requirements and are often used as a guideline as opposed to an absolute rule. The Web Defender is Web server independent, but not hardware independent. It will interoperate with any UNIX-based web server running on Sparc Solaris, such as Netscape Commerce Server or Apache. About AssureNet Pathways AssureNet Pathways provides a broad range of network information security solutions that protect enterprise-wide networks from unauthorized entry, tampering and theft of information and services. AssureNet Pathways products are the most easy to use and manage, cost effective, standards-based security solutions available. Backed by more than a decade of expertise in network security, AssureNet Pathways customers include leading companies in the electronics, financial and health services health services Managed care The benefits covered under a health contract and communications industries. AssureNet Pathways is headquartered in Mountain View, with regional offices throughout the US, and in Basingstoke, UK. The company's products are sold worldwide through a network of distributors, value-added resellers and systems integrators. CONTACT: AssureNet Pathways, Inc. Earle Speranza, 415/526-2231 earle@assurenetpathways.com |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion