Jump to content Japan - English

Software(Japanese)  >  Security(Japanese)

IceWall SSO

What is IceWall SSO? > Benefits > Reliability

IceWall SSO

What Is IceWall SSO?
» What is Single Sign-On?
» What is IceWall SSO?
» Benefits
» Basic Features
Product Specifics
» Basic Architecture Diagram
» Operating Environment
» Reference Price
» Options
» Case Studies
» Online Demo
» Support
» Implementation Services
» Contact Us
Related Products
» IceWall Federation
» IceWall Remote Configuration Manager

IceWall’s Office 365cloud Federation

»What is Single Sign-On?

»What is IceWall SSO?


»Basic Features

IceWall SSO-Five benefits  » Navigate to Benefits List
» Care

Reliability - Improves the reliability of your business by enhancing security.

IceWall SSO assists your business in gaining trust from your customers and the society by enhancing the security of personal and confidential information handled in your business to ensure the safeguarding of such precious information assets.

IceWall SSO improves the reliability of your business by enhancing security.
IceWall SSO improves the reliability of your business by enhancing security.

IceWall SSO is certified with ISO 15408.
The core functionality of IceWall SSO, such as Web application authentication and access control, is certified with ISO/IEC 15408 EAL1.
ISO/IEC 15408 is an international set of standards intended to ensure that IT based products and systems are properly designed in terms of security and implemented exactly as designed.

1. Prevents ID/Password Leaks

Humans have limited information processing capacity and are not designed to keep many IDs and passwords in memory. Things get more worse if they are periodically changed! Users might personally maintain multiple ID and password combinations for example by writing them down on a notebook or piece of paper, saving them in a file on their own PCs or having them memorized by a Web browser. But all these would pose a significant vulnerability towards security threats.
If the environment provides the users with the ability to authenticate only once and then have access to multiple applications (the single sign-on ability to be exact), they only have to remember a single password. A single password is easy to memorize without using insecure means such as noting the password down somewhere. As long as they only have to maintain a single ID and password combination, the users will not be so frustrated with using complex passwords or changing passwords frequently. Ensuring that each user maintains a single rather than multiple ID and password combinations will translate into enhanced security.

2. Prevents information leaks

One of the essential steps to establish the internal control in an organization is to restrict user access to the set of information assets each user is authorized to access. For example, if anyone is allowed to access financial data sheets and there is no means to track who has accessed that information then it would be extremely difficult to verify and prove the authenticity of the data in the financial data sheets.
IceWall SSO provides visibility into user behavior through access control and centralized log management. It allows organisations to appropriately manage the user permissions so that unauthorized access can be prevented.
Also, best practices for internal control include managing user identities as well as implementing access control prior to implementing the internal control system.
IceWall SSO implements and integrates the 4 A's (Authentication. Authorization, Administration, and Auditing) of access control. It helps to protect against unauthorized access and prevent information leaks by centralizing access control and log management.

3. Defends against HTTP attacks

The IceWall server is capable of defending against HTTP based attacks such as cross-site Scripting (XSS) and buffer overflow. IceWall SSO provides four filters (GET send Data, POST send Data, HTML, and host filters) that serve as preventive measures against cross-site scripting. Also when it encounters a URL or QUERY_STRING value longer than a certain limit, IceWall SSO prevents possible buffer overflow attacks by either truncating the value or using a path via IceWall SSO to forward the request. Each Web server must individually implement the defense against HTTP based attacks since they cannot be blocked in firewalls. IceWall SSO provides a more efficient alternative: you can centralize the defense by placing the IceWall server on the front end of Web servers.

4. Enables strong authentication

The strength of authentication is vital in a single sign-on environment where a user can authenticate only once and then have access to all of the resources the user is authorized to access. IceWall SSO provides strong password policy functionality. It allows you to configure strong and granular password policies by not only specifying the password length and expiration but also rejecting the use of particular strings in a password and the reuse of passwords that have been used before. IceWall SSO provides centralized and thus simplified management of password policies. Furthermore, it provides support for not only ID/password authentication but multi-factor authentication implemented in conjunction with latest authentication solutions such as electronic certificates, IC cards, tokens, and cell phones. You can choose an authentication method from a variety of authentication methods as appropriate according to your needs from various aspects such as security levels and convenience.

5. Provides the highest available encryption level

IceWall SSO provides the highest available level of encryption strength.
ICP (IceWall Cert Protocol) 2.0 provides support for multiple alternative encryption methods, which means that you can select the encryption method and level that is the best suit for your specific environment. It delivers the abilities to protect passwords stored in the authentication database with SHA-2 and column values encryption in the authentication database. All these enable secure management of critical information stored in the authentication database.
In addition, you can encrypt the communications between the IceWall server and agents to secure the data from eavesdropping or theft.
» Back to the top of this page
Printable version
Privacy statement Using this site means you accept its terms  
Please note: all of the links on this page navigate you to pages in Japanese.