Net-Teams, Inc.

Digital Certificates and Secure Web Access

Submitted by Writer's Cramp Syndications

Introduction

This article describes the use of digital certificates as a mechanism for strongly authenticating users to web sites where identity information is required. Before the advent of digital certificates, the only option for authenticating users to a site was to assign a username and password. Digital certificates, on the other hand, provide much more robust access control and have a number of benefits over username and password.

Username and password authentication

With username and password, the process is generally as follows: each time a user wishes to access a web service, the user navigates to the site and authenticates to the application using a unique username and password. This data is passed to the server (hopefully in an encrypted form), the application looks up the username and the password (or a representation of the password) in some form of access control list, and, provided the information matches, the user is granted access.

This method has some obvious limitations:

* The username and password are passed over the web (encrypted or unencrypted), with the typical security concerns of interception.
* The systems administrator normally has unrestricted access to all usernames and passwords, with associated security and liability concerns for the service provider (especially with confidential data).
* The user needs to remember as many usernames and passwords as are required by their applications, leading to inevitable support issues to recover lost access data.

Digital Certificate Authentication

The typical digital certificate web access process is:

The user navigates to the website. Before allowing access, the site checks the certificate against the access database. The user enters the password locally to confirm their access right to the certificate and is allowed into the website.

Benefits of certificates over username and password:

* General security is enhanced: the user needs both the certificate itself and the password to the certificate to gain access.
* The password is never passed over the web, not even during account set-up.
* At no stage do systems administrators have access to user passwords.
* The certificate can electronically sign data on the website with the benefit of non-repudiation.
* The user uses one digital identity with one password to access a range of applications (reduces passwords to remember).

Implementing Digital Certificates

All major web servers support client authentication via certificates. An SSL certificate on the web server (to support https) enables configuration of client authentication and only requires specification of the access rights for each directory served by the web server. Amend the web application to support client authentication by certificates. If any code was developed to handle username and password, then the certificate credentials can be looked up in an access control list in just the same way. Client certificates are issued via a Public Key Infrastructure (PKI). You can choose to implement your own or use the services of a Managed Service Provider such as Diginus Ltd.
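The sketch below is an added example, not code from the article or from any vendor it names. It shows a server context that demands a client certificate, plus an access control list keyed by certificate fingerprint with per-directory rights. The user names, directories, file-path parameters and sample certificate bytes are assumptions constructed for illustration.

```python
import hashlib
import posixpath
import ssl


def make_server_context(server_cert, server_key, client_ca):
    """TLS context that rejects handshakes lacking a certificate issued by client_ca.

    The three arguments are file paths supplied by the deployer (assumed names).
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.load_cert_chain(server_cert, server_key)   # the server's own https certificate
    ctx.load_verify_locations(cafile=client_ca)    # the PKI that issues client certificates
    ctx.verify_mode = ssl.CERT_REQUIRED            # no client certificate, no connection
    return ctx


def fingerprint(der_cert):
    """SHA-256 over the DER encoding, used as the ACL lookup key."""
    return hashlib.sha256(der_cert).hexdigest()


# Constructed stand-ins for DER certificates. On a live connection the bytes
# come from ssl_socket.getpeercert(binary_form=True) after the handshake.
ALICE_DER = b"constructed-sample-certificate-alice"
BOB_DER = b"constructed-sample-certificate-bob"

# Access control list: certificate fingerprint -> user and permitted directories.
ACL = {
    fingerprint(ALICE_DER): {"user": "alice", "dirs": ["/reports", "/admin"]},
    fingerprint(BOB_DER): {"user": "bob", "dirs": ["/reports"]},
}


def authorize(der_cert, url_path):
    """Return the user name if the certificate may access url_path, else None."""
    if not der_cert:
        return None
    entry = ACL.get(fingerprint(der_cert))
    if entry is None:
        return None  # a valid chain is not enough; the certificate must be enrolled
    # Normalise first so "/reports/../admin" is judged as "/admin".
    path = posixpath.normpath("/" + url_path.lstrip("/"))
    for directory in entry["dirs"]:
        # Match the directory itself or anything beneath it, not "/reports-old".
        if path == directory or path.startswith(directory + "/"):
            return entry["user"]
    return None
```

Certificate chain validation happens in the TLS handshake; `authorize` only answers whether an already validated certificate is enrolled for the requested directory.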

Wider Use

Once customers or employees have digital certificates, the same certificates can be used to digitally sign email, PDF and web forms and Microsoft Word documents. With a few small steps a corporate website can be transformed into the centre of a powerful web services infrastructure, with single sign on to multiple web applications, signed email and forms data exchange, all the time knowing exactly who is accessing the resources and data.
