Secure System Setup
- Secure operating environment
A secure operating environment is set up at the same time as the installation. Appropriate access permissions settings for all business resources, application administrator privileges, and the setting of encrypted communication associated with operation is enabled immediately after installation. Information can be protected from security threats such as illegal access to/communication monitoring of the business operation, and a secure business system can be set up speedily.
- SSL authentication/encryption communication
A robust security function is provided in business-to-business/ business-to-customer servers on the internet, so the setup of a secure system is enabled. SSL 3.0 client/server authentication, an encryption function, and SSL communication that uses certificates issued by VeriSign are provided. These can be managed/operated from the Interstage Management Console, and because of linkage with multi server managements management of applications is also possible for multiple servers.
- A function that tracks information leaks (Audit Trail)
In readiness for information leaks, "When, Where, Who, What, Why" information about access to Interstage is collected. Accordingly, rapid analysis/tracking when information leaks occur is possible.
- Single Sign-on
Single sign on enables access to multiple business servers. Managing a single repository of user information (ID, password, etc.) for enterprise business systems simplifies user information management (adding, modifying or removing users). You can improve usability of the system or reduce operational/installation costs of a Single Sign On system through the following features.
- User information for Single Sign On can be managed through an Active Directory. If Active Directory is used in an existing system, Interstage Single Sign On can be installed utilizing the exisiting assets.
- Authentication Server Linkage enables linking with other SAML 2.0-complient SSO systems including those from other vendors as well as another Interstage Single Sign On system. Users are authorized once by one or more of the authentication services in systems which are linked through the Authentication Server Linkage feature.
- You can utilize Windows logon mechanism so that users can logon to the server system through their Windows logon operation.
- Authentication server and repository server (which stores user information) can be built to scale for increases in the number of users. One options is to use an RDB for the user repository. You can build the system according to its scale or operation policy. Also Interstage Single Sign On has rich features for access control or session control such as an idle timeout (which revokes authentication after a specified period) or deterring duplicated login, which help maintain proper acess and user authentication.
In the Single Sign-on function, the following functions are provided:
- A function for setting up a server (business server) that provides Web-based services to users.
- A function for setting up a server (authentication server) that is used for performing user authentication (Standard-J Edition/ Enterprise Edition).
- A function for setting up a server (repository server) that manages information required for user authentication (Standard-J Edition/Enterprise Edition).
- Directory Service (Standard-J Edition/Enterprise Edition)
An internet standard LDAP (Lightweight Directory Access Protocol) V3-based Directory Service is provided. Accordingly, users and resources in the network can be managed uniformly in a directory, and user authentication is possible.