With Radcas its very easy to 'retrofit' an existing authentication scheme
with OTP protection. An additional OTP input field is added to the form.
Upon invocation, a call is made to a Radius complaint OTP verification server
using RadCAS.
New! Radcas now fully interoperable with
ASP.NET
RADIUS is one of the most widely used distributed security/authentication
protocols in use today. It originally gained popularity with ISP's, where
it got its name (Remote Authentication Dial In User Service). Because of
its inherent architectural advantages, it has become widely used in other
network environments, including wireless and the general corporate intranet.
The RADIUS client-server architecture provides an open and scalable solution
that is broadly supported by a large vendor base. RADIUS provides a widely
accepted standard protocol anywhere network access servers (NAS) must
authenticate users prior to granting access to a protected network.
Radius has not traditionally been a part of web server authentication. Many
companies are in a situation where they maintain both a Radius infrastructure
and a redundant database for web access. This is particularly expensive when
the web authentication system is based on Microsoft Window's authorization
schemes.
RadCAS is TCP Data's new COM based Radius authentication package. It permits
the implementation of web access authentication using existing Radius
infrastructure. Unlike RadIIS, it is not integrated into IIS. Because of
this, if permits far greater flexibility. RadCAS permits the developer to
use more of ASP's advanced features. It further permits the use of a wider
variety of tool-sets.
With RadCAS, IIS content is usually configured for anonymous access. This
permits the implementation of secure access schemes that are free of Microsoft's
protocols and CAL authorized user licensing requirements.
RadIIS Architecture
RadCAS is implemented as an Automation server. As such, it is accessible
via VBScript, VB and C++. The following is a VBScript code sample of obtaining
authentication given Username/Password strings.
RadCAS ASP code sample
RadCAS does not specifically address the important issue of username/password
security 'on the wire'. It can, however, be seamlessly integrated with SSL
to provide a total, flexible, high-security web access solution.
New with version 1.1
Radius servers can be configured to include a variety of useful attributes
in authentication response packets. RadCAS 1.1 includes additional components
to allow access and use of this data to impliment a variety of secure variations
to the basic Radius Authentication. |
