|
| |
|
| Emmi
> Secure Environment
Emmi is an online application
where the users belong to a bank, a major
corporation or a broker/dealer. The purpose
of the application is to manage the issuance
process of billions of dollars (pounds,
euros, yen, etc.) of debt instruments. With
a user base and purpose like this, security
is taken very seriously.
Emmi views security
as a two-pronged activity comprised of technological
tools and enforced business practices.
Technology:
Emmi was built with the realization
that if an IPA is hosting the application,
the IPA already has security technology
in place and that Emmi must work with this
technology.
 Standards-Based
Ground-Level Security
| Emmi supports SSL for
encryption of Internet traffic. On
top of SSL, Emmi employs 128-bit one-way
hashing of user names and passwords
in the browser and in the system's
database storage of these values.
|
Standards-Based
Platform for Advanced Security
| Emmi was designed
using standards-based technologies
such as Microsoft ASP and ODBC attachable
databases such as SQL Server, Oracle
or BD/II (the standard implementation
makes use of Microsoft SQL Server).
Using these
technologies as a base, additional
levels of security can be added
according to the application host’s
security practices. For example,
database encryption isn’t
restricted based on encryption key
origination or vendor technology
and application access isn’t
restricted to just user names and
passwords.
Perhaps the
most important aspect to the Emmi
approach to security is the fact
that operating system and browser
patches can be applied without fear
of breaking an AMIC-proprietary
technology.
|
Best
Technology Practices, Yours and/or Ours
| AMIC can help
you implement Emmi within your existing
security framework, or we can help
you establish a framework that can
be applied to Emmi or across your
entire spectrum of online applications. |
Business Practices:
Unlike applications that are put in place
for strictly in-house use, Emmi must be able
to accommodate the needs of multiple organizations
(the IPA, issuer and broker/dealer) and enforce
the security-driven business practices that
they establish.
User
Creation and Management
Emmi allows the
IPA to either take control for the
creation and management of all users,
IPA, issuer and broker/dealer, or
to create an administrator within
each of these organizations that
has the ability to self-manage the
creation of users and establishment
of user-rights.
From a security
perspective, this self-management
capability provides each organization
with the ability to immediately
react to personnel changes or changes
to a user’s assigned palette
of rights. This empowerment has
the added benefit of reducing the
IPA’s customer support for
chores such as the creation of new
users and the resetting of lost
passwords.
|
Extensive
User Rights Palette and Process Flow Controls
| Emmi provides
an extremely granular palette of user
rights making it possible for an administrator
to establish process flow rules intended
to enhance security. For example,
users can be created that have the
ability to enter trades while other
users have the ability to approve
trades. With these rights in place,
it is possible to create process flow
rules such as trades must be reviewed
and approved by a second user.
These rights
and process flow controls can be
extended across organizations allowing
the creation of rules that require
actions be taken by a counter-party
user and rules can be created requiring
two-party validation of non-transactional
data, such as a change of a account
number used for automated money
transfer.
|
Real-Time
User Visibility and Management
| Administrators
(IPA, issuer and broker/dealer) are
provided with real-time visibility
into the online status of users belonging
to the administrator. The administrator
has the power to selectively eject
users from the system, revoke or change
passwords and to change user rights.
All of these actions are applied in
real-time insuring the ability to
immediately react to a security issue.
|
| |
|
|
|
|
|
