Access control challenges
- Authentication is the key to security.
- Proprietary logins are insecure.
- Dangerous coupling of authentication with business logic.
- Strong authentication is poorly supported by applications.
- Heterogeneous technologies are often incompatible.
- Application technology requires login processes too frequently.
Airlock advantages at a glance
- Flexibility through decoupling.
- Security through preceding authentication.
- Reduction of dependencies.
- Lower costs.
- Quicker to market.
- More secure single sign-on.
- Can be combined with WAF filters.
Virtually every modern Web application requires user identification to allow certain types and levels of access. Authentication mechanisms are usually tightly interwoven and dependent on business logic, meaning the authentication process must constantly be re-implemented and tested for every new application or update. Furthermore, the applications are open to attacks from anywhere on the Internet, even anonymous attackers. For every new application, the connection to the authentication system must be laboriously integrated and secured, which is not only costly but also increases the risk of vulnerabilities.
Secure access control is more important than any filter. Airlock provides preceding authentication, allows access control to be centralised and run independently of the business logic. This increases security and reduces costs. Directory services can be incorporated with ease. Airlock provides a simple and secure way to implement single sign-on (SSO) and identity management for Web access and new applications can be rolled out faster.
Factsheet "Secure, flexible access control for Web applications"