| Introduction |
|
vAccess is Distributed Secure Access management software that provides the following application security features in an E-commerce framework that can:
- Identify users (Authentication)
- Provides Single Sign On across multiple applications (SSO)
- Control access privileges to a fine grained level (Authorization)
- Securely manage the users organization wide (Administration)
- Securely audit the events organization wide (Audit)
- Provides personalized content generation
|
vAccess integrates and provides feature-support for all the above-mentioned security requirements based on distributed web architecture and also provides a common security model to enterprise wide applications.
|
The Object details of vAccess are explained in detail, in the following sections. |
| |
Various Objects of vAccess are |
- Authentication, Change password and Account management
- Single Sign On
- Authorization
- Administration
- Unified administration for multiple third party applications
- Security auditing
|
| vAccess Architecture |
|
|
| |
| Authentication |
|
- The Authentication feature provided by vAccess supports:
- Multiple authentication schemes
- Change credential services, account management
- User session management services
- Establishes a Uniform authentication model for web based applications and non-web based applications
- Provides Multiple authentication support to prove identities like UserId/Password and SSL Certificate
- Provides Single Sign-On for multiple applications
- Offers support for password age, inactivity age, session age, and inactivity login age
- Has a strong password implementation policy that is configurable to needs of the organization
|
| Global Single Sign On |
| |
- Facilitates access to multiple web applications
- Provides Single Sign On across multiple applications with or without SSL
- Change password facility made available for multiple applications
- Has an XML compliant configuration for adding multiple applications in GSSO framework
|
| Authorization |
|
- Offers the User, authorization services based on UserId or SessionId, Resources and Actions
- Offers group based access control associated with the User
- For supporting collaborative authorization and access control mechanisms, groups and policies are clubbed under a logical model of policy domain
- User Authorization rights can be evaluated at the group or user level
- Provides access control features to a fine-grained level
- Allows applications to offer personalized content to the users
|
| Administration |
|
- Provides secure User administration through Administration GUI
- Allows definition and management of authentication and authorization profiles
- Supports multiple administration and multiple administrator group hierarchy
- Provides generation of reports based on user statistics
- Provides single user administration across multiple applications
- Provides application specific password change management facility
|
| Security Auditing and Reporting |
|
- Provides security audit event logging facilities and security audit event based Reporting, Queries and View facilities
- Supports file based auditing as well as RDBMS based Auditing
- Provides application support for security audit
- Offers the flexibility to third party applications to create dynamic channel from an application and starts logging security related event into these channels
|
vACCESS
