Information protection
Whenever a user is registered in the domain, the user's information must be stored somewhere. The most secure place to store it is a vault: one that can be accessed only by an authorized person, that supplies just the information that is required, and that accepts new information from authorized sources.
For this purpose, we designed a separate application whose sole purpose is to be this vault, no more and no less. It is the Backend of AuthFW. It offers a couple of protocols through which trusted parties can communicate, and that's it. The Backend has the responsibility to maintain the userstore and to control access to it.
Because the Backend is a separate application, it can be deployed behind a firewall in a safe subnet, which keeps it as secure as possible.
Information protection and exchange
At some point, though, the user information will be used. Keeping the basic principle in mind (the user is in control), that use is initiated by the user. AuthFW must consider the following rules:
the user is in control of its own information
the user must know that its profile information is safe
the user wants to use the system without bothering about what's going on, and wants technology to work for him or her
First of all, it is agreed with the user that its login name is to be distributed to WebServices within the domain. Using a login name that is guaranteed unique (within the domain) will give the WebService the capability to identify a user, but it obscures the personal information of a user from the WebService.
This is good, but the usability rule is not satisfied. One advantage of storing information centrally is that it can be made available at multiple sites. AuthFW's challenge is to distribute this information in a controlled manner, not breaking the foundations, and keeping the user informed of what's going on with its personal information.
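One way to model the rules above, as an added example that is not AuthFW's own code or protocol: a vault that answers only trusted WebServices, always discloses the unique login name, and releases any further attribute only after the user has granted it to that service. The class, method and attribute names, the per-service grant model and the disclosure record are assumptions made for illustration.

```python
# Added illustration; all names here are hypothetical, not AuthFW's API.
from dataclasses import dataclass, field


class AccessDenied(Exception):
    """Raised when a party that is not trusted queries the vault."""


@dataclass
class Vault:
    trusted: set                                  # WebServices allowed to query the Backend
    users: dict = field(default_factory=dict)     # login -> profile attributes
    consent: dict = field(default_factory=dict)   # (login, service) -> granted attribute names
    audit: list = field(default_factory=list)     # (login, service, disclosed attribute names)

    def register(self, login, profile):
        if login in self.users:
            raise ValueError("login name must be unique within the domain")
        self.users[login] = dict(profile)

    def grant(self, login, service, attributes):
        # Only the user decides which attributes a given WebService may see.
        unknown = set(attributes) - set(self.users[login])
        if unknown:
            raise KeyError(f"unknown attributes: {sorted(unknown)}")
        self.consent.setdefault((login, service), set()).update(attributes)

    def revoke(self, login, service):
        self.consent.pop((login, service), None)

    def release(self, login, service, requested=()):
        if service not in self.trusted:
            raise AccessDenied(service)
        profile = self.users[login]
        allowed = self.consent.get((login, service), set())
        # Supply just what is required: requested AND granted, nothing else.
        disclosed = {k: profile[k] for k in requested if k in allowed}
        self.audit.append((login, service, sorted(disclosed)))
        return {"login": login, **disclosed}

    def disclosures(self, login):
        # Lets the user review which service received which attributes.
        return [(s, a) for (l, s, a) in self.audit if l == login]
```
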