Security software determines how much customers can do

How would you like to give premium customers access to fancy electronic commerce, but limit what newcomers can do?

Start-up Indigo Security Technologies may have the software for you. The company is currently running beta tests on Elara, Java-based server software that financial organizations can use to set rules that determine what transactions certain customers can perform.

Based on Sun’s Java Enterprise Server Beans architecture, the Elara software is designed to enforce “entitlement rules,” said John Weinschenk, CEO and president of Indigo. For example, these rules might indicate a person is allowed to make a transaction up to a certain amount, or only do stock trades and not Electronic Funds Transfers. “Once you authenticate a user on the network, you can set fine-grain access controls that decide in real time whether any Web-based transaction should be allowed,” Weinschenk said.

This authentication can be based on the user’s IP address, digital certificate, Kerberos ticket or RAC-F mainframe authorization. The Elara software uses that information to set access-controls on Web servers that can be distributed throughout an enterprise. The central Elara “entitlement server,” as Indigo calls it, caches this access-control information in a database, and periodically replicates it to departmental servers running Elara software so it can validate Web-based transactions. Weinschenk said Elara could process for approval up to 1,000 transactions per second.

Indigo’s product, to be released in March, is derived from home-grown software developed in-house by Bankers Trust, which was bought by Deutsche Bank last year. Deutsche Bank later decided to establish an independent company – Indigo – to sell a commercial version of the Bankers Trust access-control software. Indigo Technologies plans to ship the Elara product later in March for about US$75,000 per CPU.

Will Deutsche Bank decide to eat its own dog food, as the saying goes, by using Elara internally? The bank is beta testing the software, said Phil Venables, chief information security officer at Deutsche Bank. The bank’s applications make a call to the Elara entitlement server to find out if customers are allowed to make a particular transaction, he said. But as yet, there has been no final decision on whether Elara will be used on an operational basis, Venables added.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Previous article
Next article

Featured Article

ADaPT connects employers with highly skilled young workers

Help wanted. That’s what many tech companies across Canada are saying, and research shows that as the demand for skilled workers...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now