Automated Web Services for Authentication, Encryption & Digital Signatures
Trust and security are critical enablers for extending online access to information and business processes. As organizations provide greater access to sensitive information, the risk of serious damage due to malicious manipulation becomes a critical challenge.
The Entrust Secure Transaction Platform provides four key security functions for securing Web services transactions and server-based applications:
- Identification Service for Strong Authentication
- Entitlements Service for Authorization
- Verification Service for Digital Signatures
- Privacy Service for End-to-end Encryption
The Entrust Secure Transaction Platform’s Identification Service simplifies the complexities of identifying Web services and users for application developers.
The Identification Service provides a centralized capability for managing the different types of authentication methods (e.g., user IDs, passwords, digital certificates) for Web services applications.
Centrally control which identities are trusted for automated Web services transactions — even though the administration of this information may be distributed across the organization — so each Web services application does not have to manage these issues independently.
An administrative interface allows organizations to define the community of users — and types of identities accepted — who are trusted across the variety of identification methods handled by the service.
After the originator of a Web services transaction (typically in the form of a SOAP message) is identified — and a determination made as to whether or not to trust them — a decision must be made as to whether or not the requested action should be performed.
The Entrust Secure Transaction Platform’s Entitlements Service confirms that an entity accessing a Web service possesses the proper authorization. Like the Identification Service, the Entitlements Service makes it possible for Web services applications to focus on business logic and rely on fundamental security operations.
The Entrust GetAccess product portfolio provides entitlements capabilities for Web portal applications in exactly this manner.
Entrust Secure Transaction Platform’s Verification Service delivers integrity and accountability capabilities for Web services transactions through centralized digital signatures and time-stamping. This service provides critical functions for business-to-business transactions such as accountability, privacy and audit.
These B2B transactions typically involve some or all of the following elements:
- Digital signatures to represent approval of the transaction by the organizations involved
- Evidence that the transaction occurred at a particular moment in time
- Verification that the transaction has not been altered since it was signed
- Delivery of an audit trail of all records, even a significant period of time after the transaction occurred
Rather than each Web services application understanding how to encrypt information, the Entrust Secure Transaction Platform’s Privacy Service manages the complexity of using cryptographic keys to provide data encryption in a centralized service. The service understands how to encrypt information so that only specific entities (e.g., individuals or other computer processes) can access that information.
Application developers may access a full range of encryption capabilities with minimal integration effort. Because the Privacy Service knows how to find, validate and apply users’ digital certificates for encryption, developers can focus on the business logic of their applications and permit the Privacy Service to focus on the details of data encryption.