Client Certificate Authentication

In typical SSL connection, the client connecting to the server checks the validity of the server by verifying the server’s certificate before the transaction initiated. However, in some situations, the server also needs to authenticate the client (it verifies that you are who you say you are). Client certificate authentication is a mutual certificate-based authentication, where the client provides its […]

What Is HSTS and How Do I Implement It?

HSTS (aka HTTP Strict Transport Security) is a web security policy mechanism that helps to protect websites against man-in-the-middle attacks such as protocol downgrade attacks and cookie hijacking. It allows web servers to declare that web browsers should automatically interact with it using only HTTPS connections, which provide Transport Layer Security, unlike the insecure HTTP used alone. HSTS is an IETF standards […]

Hardware/Software SSL/TLS Performance Testing

The AppScaler appliance with hardware ASIC SSL chip provides a 25x increase in SSL/TLS performance. And there is no performance overhead in CPU utilization, much more SSL connection per second and SSL throughput for both RSA and EC cryptos. AppScaler supports Hardware SSL Acceleration cards from Marvell and Intel: Intel Coleto SSL chip Cavium Nitrox PX, Nitrox III and Nitrox […]

Single Sign On – FormBased To FormBased

When using Client Form Based and Server Form Based method, you can program the attributes to be sent to backend applications through POST method. It can make the integration between common authentication services with specific backend application servers. For instance, when the client logins the built-in HTML form, AppScaler will store its credentials and other attributes to the backend application. […]

ASIC-based SSL Offloading

What is SSL Offloading? Secure web traffic by SSL/TLS is now the standard for web applications and web sites. SSL handshake is very CPU intensive and thus has a significant negative impact on performance. E-commerce sites are especially prone to SSL bottlenecks, and companies may lose business when customers encounter slow response. SSL offloading is the method of using dedicated […]