Application: Any Web site or application requiring higher security than a simple user name / password protection for access through a navigator (Internet Explorer): Internet site with sensitive or paying content, intranet, extranet, Web-enabled information system, back office, ASP, etc.
Validy Web Business is a software security component that enables to create a trusted space with restricted access on the Internet, accessible only to known users identified through two-factor authentication. Based on a client/server architecture with symmetric keys, the solution provides access control and strong authentication of users through a cryptographic challenge to their secure token (smart card or USB key). Data flows between the client and the server, both upstream and downstream, travel encrypted over the Internet, using a native and transparent encryption over HTTP, based on triple DES for key derivation and AES with 128-bit keys for data encryption.
Implementing the solution is simple and fast, with the addition of a software module to IIS or Apache, without any trusted third party or additional authentication server. Validy Web Business is an alternative to the PKI technology. Deployment is simple, a customization program that comes with the package enables to electrically parameter the secure tokens. In the case of protecting paying content, two options enable the implementation of two business models:
- Validy Web Use enables to restrict access to encrypted prepaid Internet content meant for identified users authenticated through their smart card or USB key..
- Validy Web Units enables to restrict access to encrypted prepaid web content meant for unidentified users. User authentication is carried out through the keying in of tamperproof and impossible to invent IDs.
These IDs contain information and in particular a unit credit, which will be consumed as the site is browsed or the service used. The IDs can be sold on scratch cards or delivered directly online. In both cases, a point value is associated to each page served, and deducted from the user's credit by the server as the service is consumed.