Portal Security on Campus
Securing campus Web portals involves addressing a host of issues—access
control, authentication, privacy, and security management—while still providing
the ease of use of a single sign-on. Because there are so many security products
out there, we’ve chosen to focus this month’s Round-up on a few products
that offer integrated solutions—that is, software that combines several
approaches to the myriad portal security problems you might face.
Baltimore Technologies
Baltimore Technologies PLC offers several security solutions. SelectAccess
5.0 is the company’s newest access control product. With features designed
to simplify deployment and make the product easy to use, Version 5.0 offers
a single point of management for wired and wireless users; single sign-on; role-based
access; concurrent, multiple directory support; and “management-free”
installation and configuration. SelectAccess’s unique scanning mechanism
automatically enumerates all network services and resources, such as URLs, dynamic
pages, and portal links. By scanning the material, SelectAccess saves administrators
from the time-intensive process of having to enter data by hand, which can result
in typographical errors or simply the capturing of less data. SelectAccess components
can be added in real time and configured automatically. In addition, SelectAccess
supports many platforms and works with the leading Web and application servers,
portals, and directories out of the box. Contact: Baltimore Technologies PLC,
Needham, Massachusetts; (866) SECURITY; www.baltimore.com.
Entrust Secure Web Portal Solution
Entrust Inc. offers a suite of products designed to protect Web portals from
unauthorized access and use. The suite—consisting of Entrust GetAccess,
Entrust TruePass, and Entrust Authority software—provides identification,
entitlements, verification, privacy, and security management capabilities for
Web-based applications. Entrust GetAccess is standards-based entitlements software
that serves as the security foundation for Web portals and includes support
for wireless connections. Entrust TruePass, the company’s digital signature
product, provides further customer identification and capitalizes on the strength
of Authority, Entrust’s public-key infrastructure and security management
portfolio. Entrust TruePass also provides transaction verification and audit
trails. Because it works on both intranets and extranets, users can access a
Web portal via the Internet or via their desktop intranet connections. TruePass
6.0 offers optional methods of authentication, such as smart cards and tokens.
The suite is compatible with an array of Web portal applications. Contact: Entrust
Inc., Addison, Texas; (888) 690-2424;
www.entrust.com.
Aladdin’s eToken Enterprise
Unlike the other products profiled, the eToken secure access control product
is a hardware, not software, solution. A portable USB device the size of a house
key, eToken is now available in an enterprise version as a set of ready-to-use
security solutions.
For a campus portal, that might take the form of variously
colored eTokens, with each color signifying a particular level of access to
portal data. Staff might receive blue access tokens and students red access
tokens, for instance. Systems administrators can easily integrate eToken into
an existing security framework, providing increased protection for users’
everyday operations. Contact: Aladdin Knowledge Systems, Arlington Heights,
Illinois; (800) 562-2543; www.ealaddin.com.
Netegrity’s Secure Relationship Management Platform
Netegrity Inc.’s Secure Relationship Management Platform provides customers
with a platform for securing, delivering, and presenting enterprise resources
for interactive e-businesses and campus portals. The platform combines identity
management, single sign-on and access control with portal presentation and integration
services. Integrated services are delivered as a set of shared services across
all portal applications. Administrators can define user roles and resources
as needed. The platform also offers integration with popular enterprise applications
from Siebel Systems Inc., SAP America Inc., Lotus Development Corp., PeopleSoft
Inc., and more than 75 other vendors. The suite consists of Netegrity’s
Interaction Server 5.0, SiteMinder 4.6, SiteMinder Delegated Management Services
2.0, and Affiliate Management Services. Contact: Netegrity Inc., Waltham, Massachusetts;
(800) 325-9870; www.netegrity.com.
Evidian’s PortalXpert
PortalXpert from Evidian offers plug-and-play centralized Web access control
and single sign-on for intranet, extranet, and Internet users. PortalXpert builds
an individual navigation menu for each user, based on institutional policy.
Primary features include a welcome page customized for each user’s access
profile, centralized auditing and tracking, and URL mapping, which enables administrators
to hide confidential Web addresses behind the portal. Extended audit and alarm
features enable security tracking and billing. A centralized security gateway
acts as an intermediary between the browser and Web servers. PortalXpert plugs
directly into existing Lightweight Directory Access Protocol (LDAP) directories
and d'es not require any additional software, plug-ins, or cookies on either
the browser side or the server side. It is compatible with leading portal and
application server providers, which saves institutions from having to reinvest
in order to achieve total integration. Contact: Evidian, Les Clayes-sous-Bois,
France, www.evidian.com.
Sun ONE Portal Server
The Sun Open Network Environment (ONE) Portal Server (formerly iPlanet Portal
Server) is the industry’s first identity-enabled portal server solution.
It provides all the user, policy, and identity management tools to enforce security,
single sign-on, and access capabilities for end-user communities. The Sun ONE
Portal Server also delivers personalized content, applications and services
to end users by dynamically aggregating information based on an end user’s
role.
The server works with a wide variety of authentication methods, such as
Microsoft Corp. Windows NT domains, Unix, X.509 certificates, LDAP, Remote Authentication
Dial-In User Service (RADIUS), and token-based mechanisms such as Secure Computing
Corp.’s SafeWord, RSA Security Inc.’s SecurID, CryptoCard Corp.’s
Cryptocard, Java Card technology, and smart cards. It can also provide access
for various groups using a different authentication mechanism for each group.
The Secure Remote Access Pack extends the capabilities of the Sun ONE Portal
Server, delivering patented, on-demand, browser-based secure access to portal
content and services from any remote device. It is a cost-effective, secure
solution that is accessible to users from any device with a Java technology-enabled
browser, eliminating the need for client software. Integration with the Sun
ONE Portal Server ensures that users receive secure, encrypted access to the
content and services that they have permission to access. Contact: Sun Microsystems
Inc., Santa Clara, California; (800) 555-9SUN; www.sun.com.
