|
Secure Web
Access
|
Secure Web Access
SecureWeb™ enables you to connect
securely to the Web-based administration functions of a
remote target system. Specifically, you can manage your
mainframe’s HMC (Hardware Maintenance Console)
remotely and securely. Unlike other products that encrypt
the connection to the target system but don’t
provide adequate authentication, SecureWeb not only
ensures the security of the data stream but also uses
role-based authentication to give you unparalleled
control over who has access to a target system (or
systems) and what functions they can perform once
connected.
SecureWeb authenticates a user with a user ID and
password, using a challenge-response method that never
transmits the password from the client system to the
server. After establishing a connection, the client sends
the encrypted user ID to the server. The server responds
with a randomly generated challenge string. The client
encrypts the challenge string, using the client’s
password as the encryption key, and sends the encrypted
string back to the server, which decrypts it and compares
the result to this user’s password. If the
comparison is successful, the server grants access to the
user. Since the password is never transmitted, sniffers
or other malware cannot compromise access to the target
system.
|
|
