The increasing importance of the
middle office as an environment to deliver flexibility, scalability and
a rich user experience in electronic services, has led to wide-scale
adoption of application server technology in finance and commercial e-business
services. Products like BEA Web Logic Server, IBM
WebSphere and Windows Server 2003, with its .NET framework technology,
provide
highly flexible
platforms for the delivery of electronic services to mass markets. However,
the built-in security capabilities of these environments
are limited, and do not reach down to the individual transaction level
so
critical in financial transactions.
Thales' SafeSign® is
a comprehensive security solution for the Application Server environment,
comprising the SafeSign User
Tokens, the SafeSign Management Server, the SafeSign Authentication Server
and the SafeSign Cryptographic Module.
At the heart of SafeSign, the SafeSign Authentication
Server provides a rich set of security services
including
digital signature
validation,
strong user authentication and robust audit trail for non-repudiation.
Easy to integrate into Application Servers, it provides
an Enterprise Java Bean component for fast and easy integration into
Java app servers, and a .NET compliant Web Services
interface for Microsoft and other environments. All relevant
standards for interoperability, including EJB, SOAP, SAML and PKIX PKI
standards.
As the need for securing application servers’ processes expands,
a new breed of security modules must also allow for these security processes
to be kept highly secure. The WebSentry™ and SafeSign® Crypto Module are
two typical examples of such security modules that offer not only high
security for keys and processes, but are also capable of delivering other
very important benefits for application server security:
- Reliability of service, through the use of failover-capable hardware
architectures
- Ease of integration, by offering a wide range of development
interface to allow for seamless and standard-based integration of
security into
the application server architecture
- Scalability and High Performance,
using optimised cryptographic processors and a transparent high performance
architecture that
automatically
offers load balancing to applications
|
