Media Net Link

Security and Access

An ongoing issue throughout the growing use of the Internet has been a way of monitoring those users who are visiting your web site. You may also face the problem of keeping users out of certain areas of your web site, ie. content protection. What if I would like to store more information about the consumers that are buying products from my web site? How will I know if someone has already visited my web site? You can solve these problems and answer these questions through Authentication.

MNL bases the Authentication system on the client's security needs. Your web site may only want to allow certain users to access certain parts of your website. You may want to keep track of customers who have purchased products or merchandise from your web site, or users who might be interested in a weekly newsletter about your business. After recognizing your needs, the next step is to find the best solution to fully accomodate those needs. If a simple solution is desired, we can implement server and application authentication systems. At the server level, Apache and IIS both have built in Authentications schemes. At the application level, you can create custom Authentication code, or use modules that already exist. We have used Perl session management modules, custom Perl Authentication modules used with mod_perl and Apache, and custom Authentication code in PHP which uses its native session management. An important idea to note is the use of SSL, which encrypts the Authentication data. Having your login encrypted is a nice security feature. There are other benefits, such as implementing a single sign-on system, such as Netegrity Siteminder, which eliminates the need to secure site-to-site transfers of users.

However, if a more complex solution is your wish, such as storage of user information, database tables and relationships will need to be planned and created. In this case, Authentication can be done through database lookups in the tables that were created. Upon entering the site with their login information, the Authentication system starts by making sure the user's information is in the database, and all information for the user is active. Upon verification of the login, the user is allowed into the site.

Media Net Link provides solutions for the entire spectrum of Authentication concerns. We have been overseeing the Authentication of a major Fortune 500 company's reseller web site. Upon arrival to the home page, the user has two choices: a) create an account, or b) enter the site. A first time user needs to create an account for access to the web site. This will be their Authentication information. Once they create their login information, they are directed to fill out a personal information page, like name, email address, address, etc. Once they complete the registration process, all of their information is stored in a database. The next time this user comes to the home page, they don't have to register again. They simply click on the link to enter the web site, and enter their login information. The Authentication process, namely a database lookup, will verify that the user entered the correct login information.