Novell is now a part of Micro Focus

Enabling E-Business through Novell's iChain

Articles and Tips: article

01 Apr 2000


iChain is a solution that provides your company with the capability to transform your business processes to the Internet. iChain is the first Internet product to provide Business to Business Management, Communities, and E-Commerce Application Integration all in one package. This article discusses the iChain features and components, along with a solution discussion for each of the product's main features. In addition, this article discusses the value of Extranet Access Management, a core feature of using the Novell iChain platform.

The Challenge: Transforming Your Business Processes to the Internet

E-business is becoming one the most important strategic business issues today because of its vast reach and enormous publicity. Conducting business online is no longer a luxury, but a business necessity. IDC predicts that the amount of commerce conducted over the Internet will top $3 trillion by the year 2003. The number of users who make purchases over the Web will jump from 31 million in 1998 to more than 183 million by 2003.

Enabling your network to conduct business activities on the Internet will become the most important IT activity you embark upon over the next several years. For many industries, the Internet is displacing the old ways of conducting business altogether. For others, transacting business on the Internet is becoming an extension to current operations, further enhancing their capabilities and profit potential. Either way, the business case for moving part of or all of your business to the Internet is very compelling, if not vital to your business' success.

So, what is e-business? E-business can be considered the transformation of key business processes through the use of Internet technologies. E-business includes e-commerce, customer relationship management, supply chain management, and internal or corporate management of valuable information. Businesses will operate more efficiently on the net as they learn to apply new technologies to their existing business processes. Companies large and small can now use the Web to communicate with their partners, to connect with their back-end data-systems, and to transact Internet-based commerce with customers. For many companies this means taking their core business processes and applying Internet technology to them.

The idea of Internet enabling a business may sound simple, but you need the right software solutions and the right technology framework to make it happen. The software solutions are many and varied. They include applications from Novell and other vendors to enable transaction management, provide procurement of goods and services, enable business to business commerce, and so on. Additionally, your solution must also include a framework that enables security, relationship management, and other services. All of this technology must work together to transform your existing business processes to the Internet.

The Solution: Business to Business Management, Communities, and Application Integration

Novell introduces iChain, which is a secure platform for managing and conducting business on the Internet. This product provides fundamental software solutions for conducting and transforming your business processes to the Internet. These solutions provide management of your business operations such as access and policy controls, supply-chain management, and personalization for the end user. iChain also includes the ability to create communities and manage them, and integrate many varied e-commerce applications. Many e-business applications use a relational database like Oracle to store user names and profiles. Although your optimal solution will use Novell's eDirectory, iChain can take advantage and consume information found in other directories and back end databases. iChain is based on Novell's eDirectory (NDS) and provides the following key benefits:

  • Hierarchical model with privileged inheritance and common security model

  • Central profile/policy/identity management

  • Single Sign-On

  • Transaction authorization and management

As shown below in Figure 1, iChain provides you with a solid foundation to deploy Novell Directory commerce applications along with e-business applications from other vendors allowing you to transform your business processes to the Internet.

Figure 1:iChain provides a solid framework with Web security and management capabilities to jump-start your entry into e-business.

Business to Business Management

Business to Business management is the ability to provide commerce-related capabilities between a company and its partners and a company and its customers. These processes can include content management, supply chain management, and customer relationship management. Content management is the ability to provide access to your customers to particular types of data depending on their access rights. Supply chain management could be any solution related to your business partners such as procurement, inventory management and logistics. Customer relationship management includes solutions that encompass the entire sales cycle including demand creation, order placement, distribution, and customer service. The benefits to successfully managing business activities on the net are enormous and can include:

  • Increased profitability

  • Segmentation of your customer base with targeted advertising or assistance

  • Improved customer retention and brand loyalty

  • Improved customer satisfaction through a fast and efficient Web site

  • Increased customer mindshare

  • A competitive advantage against other companies in your industry

Communities

A community can be considered a grouping of people or services around a Web site that share something in common. For example, an auto manufacturer could build a community that includes customers and suppliers such as accessories, tires, and repair. So, a customer can join a community (automobiles, for example) and can go to that single online source to find many products and services associated with automobiles. The provider of such a service benefits by being the aggregator and perhaps receiving a fee for each transaction that their site brings to the vendor participating in the community.

Internal communities can also be created within a corporation at a departmental level with groups of users with common needs or interests. iChain contains the following community services that are their uses are highlighted in greater detail later in the Directory Commerce Scenario:

  • Community creation and access privileges

  • iChain end-user portal at login

  • Bulletin Boards

  • Threaded discussions

  • Easy management of communities through Novell utilities

E-Commerce Application Integration

The iChain platform provides you with the capability to easily introduce e-commerce applications for any type of commerce. You can use Novell commerce applications such as On-Demand, or you can use third-party commerce applications to meet your particular needs. Additionally, a set of iChain Application Programming Interface (APIs) is provided for customization of iChain functionality. Two brief scenarios are discussed at the end of this document and detail approaches to using the iChain product.

Scenario 1 is a Business to Business scenario and demonstrates how you can use iChain for Extranet Application Management (EAM). EAM is the ability to provide security for Web hosting so that external and internal users can access corporate information based on particular policies that you can define and store in the NDS eDirectory. It also discusses the ability to provide directory synchronization to disparate directories.

Scenario 2 takes a look at using Novell's Directory Commerce Services to create a storefront for conducting commerce transactions such as software leasing. The solutions that can be orchestrated through iChain are endless. Whatever solution can be provided on the net will take advantage of iChain's superior security, management, and directory capabilities.

iChain Overview

iChainis a trusted e-business network providing a common security and management framework and integrating all your e-business applications. Through its integration with directories, ERP systems, applications, databases and Web servers, iChain provides a bridge between your intranets and extranets. iChain utilizes Novell's eDirectory, benefiting from its security, manageability and scalability. With iChain, users can be assigned privileges reflecting their role in the business process and are provided customized, secure access to information and services based on their identity. This way, the users on your intranet take advantage of the same benefits as the users on the Internet.

Regardless of network platform, iChain can be the integration point for all your enterprise, e-commerce, and extranet directories. iChain integrates more Internet and de facto standards than any other directory, enabling it to easily interoperate with your existing technology investments as well as take advantage of current leading edge and future standards-based applications.

iChain lets you more effectively tap into the Internet's information economy while enabling you to easily and securely manage the "e-relationships" that you have with all your customers, vendors, suppliers, and partners. iChain provides a foundation for building secure and custom e-relationships, enabling you to continuously improve all aspects of your e-business. It is the only product that enables your customers to securely populate customer-accessible directories. It also provides a secure and controlled information infrastructure that lets you and your e-business partners' directories directly communicate and update each other. The enabling of such online collaboration into your business transactions lets your e-business dynamically respond to customer and partner demands at true Internet speeds.

Many of today's e-business applications, such as supply-chain management, customer relationship management, and e-commerce applications, are written to take advantage of open Internet standards such LDAP, XML, PKI, SSL, and others. These standards allow for standard access, schema, format, transmission, and protection of information that is written to and read from directory services. The result is that companies that rely on iChain benefit from simple integration with existing applications and a friendly development environment, resulting in rapid deployment of e-business solutions.

LDAP has become one of the most important directory access protocols because of ease of development and cross platform nature. iChain natively implements LDAP v3, enabling your favorite e-commerce applications to run in an iChain environment. Additionally, you can leverage the inherent scalability, manageability, and security of iChain to get the most out of all of your e-commerce applications.

iChain enables you to extend your information infrastructure so it can be leveraged by e-commerce and Internet-based business-to-business operations. It acts as an integration platform, allowing all components of your e-business network to share intelligence, data, and relationships. By cohesively bringing your critical information and trusted relationships under a single management umbrella, iChain greatly facilitates the deployment of e-business applications that can leverage your information and build your e-relationships. iChain is the information integration point for all your internal enterprise services as well as all of your Internet related services facilitating the deployment of your e-business. An example of this platform is shown in Figure 2.

Figure 2: The iChain architecture.

The CIO's Checklist

As a CIO you have the responsibility and opportunity to oversee the transformation of your business processes to the Web. The following areas should be considered as you approach this business transformation and consider which products to use. You need to consider your business needs, your current network capabilities, and the level of security that will be necessary for your business operations.

  1. Carefully determine your business needs in the Internet space. What are you trying to accomplish?

    • Internet commerce and storefront applications

    • Customer relationship management

    • Supply chain management

    • Personalization of your Web site for each user

  2. What type of security is required for your solution?

    • Password Authentication only

    • Mutual Authentication with X.509 Certificates

    • Strong authentication using tokens, etc

    • SSL Connections between users and Web servers

    • A combination of solutions

  3. What type of access to your Web servers will be required for customers, suppliers, and employees?

    • Policy-based administration for all users, suppliers, and employees

    • Granular security controls for administration delegation

    • Self registration capabilities for all users at your site

  4. Why is a directory service important to your solution?

    • Directory reliability and scalability

    • Eliminates redundant corporate information

    • Provides the mechanism for policy-based security and administration

  5. Are communities important to your solution?

    • Provide a mechanism to bring vendors or departments together

    • Powerful mechanism for security assignments

    • Portal capability for members of the same community

  6. Do you have a platform now which will allow for easy application integration?

    • You may deploy many commerce-type applications

    • You need a stable and proven platform to deploy your solutions

You will want a common security model and directory store for all commerce applications.

The iChain Components, Functions, and Features

The iChain solution utilizes industry-leading technologies, including Novell's eDirectory. With iChain you have powerful Internet solutions on the front-end along with the powerful back-end security and management infrastructure that are required for today's business solutions. The iChain foundation consists of two components, The iChain Proxy Server, and the iChain Web Server. The iChain Proxy Server provides ACL checking and object level access controls for users logging into your network. The iChain Web Server can be any Web server you have running at your site. The following is a listing of the components and capabilities of iChain:

NDS eDirectory

The NDS eDirectory is the underlying data store for iChain. NDS is used to store and maintain configuration, access control, and relationship information for users accessing the system. Information about the iChain Proxy Server, the accessible Web servers, community membership, access control policies, special features, and customized user interfaces are stored within the NDS eDirectory. This allows you to configure and manage iChain components and features from the NDS management interface, quickly and easily.

In addition, using NDS provides for easy integration with external applications by supporting LDAP and dirXML (Directory Extensible Markup Language) to synchronize disparate directories. The NDS eDirectory natively supports LDAP version 3. As LDAP becomes the industry standard for application-to-directory access over the Internet, this gives you tremendous platform independence when implementing applications. Any application written to use LDAP as its directory access protocol can use the NDS directory as its data store. This means that all your LDAP-compliant applications are already NDS applications.

The NDS eDirectory also supports dirXML, giving you further platform and application integration flexibility. dirXML is quickly becoming the industry standard for directory-to-directory communication. DirXML lets you maintain the proprietary directories for applications in your network while allowing this information to be exchanged between the proprietary directory and NDS. This enables you to integrate proprietary directory-based applications into your iChain infrastructure.

The iChain Proxy Server

The iChain Proxy Server is the key component of your iChain infrastructure. It can be placed behind your firewall in your network and can be the primary access point for all users into the infrastructure. To access the Internet services on your network, users must log into the proxy server and authenticate. Authentication, access privileges, and community membership information is stored in NDS. The proxy server enforces the access control policies for the user and serves up a customized user interface for the user based on community membership. The iChain Proxy Server is a reverse proxy. It provides HTTP acceleration, allowing iChain to offload this process from your Web servers so they can focus on application tasks.

Web Server

The iChain infrastructure supports or integrates with a variety of Web servers, however, the NetWare 5 Enterprise Web Server is shipped with the product.

Web servers serve up the data through applications end-users need to access. They also provide Web interfaces to integrated applications. In addition to the Enterprise Web server provided, iChain integrates with the following Web servers:

  • Microsoft Internet Information Server (IIS)

  • Netscape Web Server

  • Apache Web Server

Extranet Access Management Capability

Extranet Access Management (also known as User Access Management) is the ability for a company to manage and protect the information and integrity of their Web business transactions over the Internet while providing internal employees and customers with access to their Web site. All Web sites conducting business on the Internet need powerful security and granular access controls that can be applied with varying degrees to all visitors to the Web site. The solution must also have the capability to scale to millions of users. As Web transactions increase, security becomes even more paramount for the customer's Web business.

iChain integrates all aspects of your information infrastructure including the security services required by your e-commerce applications and the information vital to your e-business. iChain lets you protect your investments and secure your relationships with your e-business customers and partners. iChain employs a standards-based security infrastructure that provides administrators with easy, flexible control over your network's security policies. PKI, cryptography, and authentication services are integrated with the directory, allowing administrators to centrally manage policies and control access across the entire network. Modular authentication services enable non-NetWare clients to authenticate to NDS via LDAP3. iChain also provides flexible user authentication support ranging from passwords encrypted over Secure Socket Layers to X.509v3 certificates and smart cards. Novell's Single Sign-on service enables e-business applications to leverage the NDS user authentication scheme so users only have to log in once to your Web site in a secure and trusted manner.

Delegation of Authority. With iChain you have the capability to easily manage a small group of users up to millions of users. It may become impractical for a single group to manage all access and security for the entire organization. With iChain, you can assign responsibility to multiple entities to manage their portion of the system.

Strong Security. Security services provide the infrastructure within iChain to provide authentication and ensure data confidentiality. iChain provides the following security-related services:

  • Authentication flexibility. iChain supports multiple authentication mechanisms, including NDS user ID and password, token-based authentication, and mutual SSL authentication. For NDS user ID-based authentication, the administrator can set up contexts in which to search for users and contextless login can be supported. Single sign-on is also supported so that once an iChain user is authenticated by the iChain Proxy Server, he can access the data on other Web servers without reauthenticating.

  • Ensure data confidentiality. iChain includes several mechanisms to ensure that data confidentiality is not compromised. VPN functions are available that provide both server-to-server and server-to-client confidentiality. SSL is fully supported. In addition, if you want to make sure your data is always encrypted, you can enable the SSLizer on the link. With the SSLizer, all data between the proxy server and the end user's browser will be redirected to and served to the end user through a secure connection.

  • Provide Public Key Infrastructure (PKI) services and distribute X.509 Certificates. iChain includes NetWare PKIS 2.0 services. This lets you manage certificates and set up a mechanism to easily distribute certificates to users. Administrators generate certificates for iChain users, and iChain end-users simply click on a link to receive their certificate. iChain also supports 3rd party vendor certificates as well.

Policy Management

iChain allows you to capture identity information on your customers, suppliers, and business partners. This identity information lets you create highly personalized profiles on everyone that interacts with your e-business. As a result, NDS eDirectory lets you tailor your services and applications according to the individual needs and desires of your customers and supply-chain partners. These custom offerings and services will enable you to build loyalties to your business that will contribute to your bottom line and provide you a targeted audience as you expand your business offerings.

For example, as customers browse your company's Web site priceless marketing data can be gathered in the form of identity information; including customer demographics, buying patterns, customer transactions, product interest, satisfaction levels, product feedback, and so on. iChain lets you leverage and maintain this information in a way that lets you get the most out of your e-relationships.

Additionally, as you coordinate your customer interactions, iChain extends the reach of your existing infrastructure to your employees, customers, and supply-chain partners, giving you control of critical e-business processes. It opens the door for secure extranets, allowing you to expose needed portions of your network resources over the Internet to specific business partners in order to facilitate collaboration and increased productivity.

Directory Commerce Services

Everyone recognizes the power and seemingly endless opportunities the Internet can bring to the business world, but how does that all apply to you? The average business is faced with hundreds of business processes, all of which may need to be modified in order to participate in the evolution of e-business. Novell, in concert with leading providers of merchant services brings the world of e-business to you. By leveraging your existing processes, and expanding the power of Novell's Directory Services, Novell introduces Novell Directory Commerce Services.

The Directory Commerce Services concept was born out of the constant plea by Novell customers for a solution that would assist them in moving from a brick and mortar world into the world of e-business. End-user tours were conducted, and feedback solicited which helped to provide the necessary input to ensure the success of a complete solution.

Novell customers understand the power of NDS. Directory Commerce Services takes the power, familiarity and flexibility of NDS to new heights by adding the ability for users to add "for fee" based goods and services as objects into the directory environment. Access to these services can then be extended to logical parties based upon their authorization to access those services. Novell Directory Commerce Services also provides the necessary technology to bill for, and report on the access and use of those objects.

Novell Directory Commerce Services is the solution you have been looking for to take current business process to the Web and beyond. This solution puts the power of e-business into your hands all within a common and familiar environment, which ensures a cost effective, reliable, and secure environment to conduct e-business.

Enabling the e-business process has been considered a daunting task. Simply identifying the necessary pieces represents a significant roadblock. It has been said however that if you don't your competition will show you how. With Novell Directory Commerce Services, you are already half of the way there. The power of Directory Commerce Services comes from the strength and extensibility of the directory your already using, NDS. Directory Commerce is simply one of many new services to be coming from Novell in the near future that runs on the top of NDS. The Directory Commerce Services component is written in a non-proprietary environment and comes complete with a software developer kit that provides for the ultimate in flexibility. Users may either deploy the turnkey solution of Novell, or integrate it into their own billing and reporting tools using the SDK.

Through strategic partnerships, and cooperative development effort, NDS has now been enabled to provide entrance points into merchant services gateways which authorize, process, and manage credit card and electronic check transactions in a real-time, in an online environment, from any computer with an Internet connection and a Web browser. Directory Commerce Services provides a complete solution for your e-billing and management needs. These services can be completely branded by your company so that it appears that your customer has never left your environment from beginning to end.

Novell Directory Commerce Services is yet one more evidence of Novell's ability to get you where you want to be, and to provide you with the necessary tools to manage your business your way.

Communities

Community services allow you to manage users and user access in your iChain infrastructure. iChain enables the following community-related services:

Create Communities. iChain allows you to create communities of users and define access policies for those users. You can create brand new communities, convert NDS groups into communities, or recycle existing communities. To recycle existing comminutes, iChain uses a Role wizard interface that takes input from the LDAP Data Interchange Format (LDIF) or comma-delimited files defined by Novell, and populates the directory-based community with those identities. You can also create subordinate communities within a community and set up different access policies for the sub-community. Each community can have its own administrator and customized interface.

Community Self-Registration. iChain lets you set up communities to which users may self-register through a customizable form. When users register, the administrator for the community is automatically notified by e-mail and a log entry is made into a text-based self-registration log file. Certificate-based technology is available to allow you to verify the identity of these users. You can also allow community members to change information about themselves.

Customized User Interfaces for Communities. When users log in to iChain, a custom home or portal page for members of their community is displayed containing links only to the services that community needs to access. These portal pages can be set up to provide the user with FAQs or online, context-sensitive help via a tab. The portal page can be quickly and easily assigned, changed, or reassigned through the administration console.

Configure a Variety of Useful Community Services. iChain allows you to set up news-type bulletin boards and threaded discussion groups. The servlets that support these services can run on either NetWare or NT. iChain lets you list the members of a community and use this list to send coordinated or targeted email messages. iChain also supports America Online (AOL) instant messaging and allows you to define URL links to points of interest for a community that will be displayed on the portal page.

E-Commerce Application Integration

iChain allows you to easily integrate third-party e-commerce applications. iChain APIs are also available to enable other application developers to integrate into the iChain structure and customize the portal. iChain currently integrates easily with the following categories of applications:

  • Messaging systems

  • E-Commerce

  • SQL Databases

  • ERP

  • Web Publishing

  • LDAP Directory support

Novell's Application Programming Interfaces. Novell provides a set of Application Programming Interfaces to customize access, community, and NDS functionality. Technical information regarding APIs can be found on the iChain SDK.

Business to Business Management Scenario

A major manufacturing company with 65,000 employees is looking to create an information structure to meet the needs of its expanding employee, customer, and supplier base. They are looking for a secure way to grant access of Web-based corporate information to their employees and customers. They feel that this issue will be a huge administrative task and they are looking for answers on how this can be accomplished. The company also has multiple directories in place for network users, email, and employee data that they would like to keep synchronized. As the company creates more Web-based applications they would like to offload the security and authentication to another system. They are also looking for a way to streamline their cumbersome authentication methods to many different Web applications.

This company has the following goals:

  • Web-based access controls for the corporation's intranet and Internet environments

  • Provide an environment that can scale to very large numbers of users and other information

  • Easy access to applications for employees and customers

  • Compatible with multiple corporate directories with the capability of keeping those directories synchronized

  • Strong authentication capability that must be implemented where sensitive data is concerned

With those goals in mind, the customer has set out to find a vendor who can respond to these needs most closely. Based on this request Novell recommends the iChain architecture because this company needs extranet access capability with a stable and mature directory.

Novell addresses the company's goals with the following explanations:

  • Web-based access controls for the corporation's intranet and Internet environments

    This company's access to intranet and extranet will be directed to Novell's iChain Proxy server where the users will be authenticated to the Web site. Based on various policies that will be set up, this company's Administrators can require additional stronger security depending on the data that needs to be accessed. This will allow administrators to grant employees limited access to documents when viewing them over the Internet from their homes, for example. NDS rules such as Access Control Lists (ACLs) can also be passed to various Web applications for additional restrictions at the application level. Additionally, the iChain Proxy can pass configurable user information to any Web application. Contained in the HTTP header is administrator defined information that controls application logic and determines which Web pages (or objects) will be displayed to the user, group, or community.

    This company will also implement certificate-based security with Secure Socket Link (SSL) connections using Novell's iChain software.

  • Provide an environment that can scale to very large numbers of users and other information

    Key to this company's solution is using Novell's eDirectory on NetWare 5. eDirectory has been tested to scale to over a billion users. Novell's eDirectory has proven reliability and is running at production sites around the world. Novell's eDirectory supports LDAP v. 3 and so any directory-based application that uses LDAP can use eDirectory as its store. Additionally, through DirXML other directories can be synchronized with eDirectory so that you can take advantage of other directories as well.

  • Easy access to applications for employees and customers

    iChain provides Web acceleration through its reverse proxy technology and will provide users with fast access either inside or outside the company's firewall. Additionally, with Web single sign-on users will not have to authenticate to every Web application they use. This service is performed in the background for them.

  • Compatible with multiple corporate directories with the capability of keeping those directories synchronized

    A robust directory solution through iChain also provides the DirXML tool that allows this company to connect to multiple and disparate directories for synchronization purposes. This tool will allow the company to synchronize directory information from their corporate email directory to their Netscape directory and so on.

  • Strong authentication capability that must be implemented where sensitive data is concerned

    Authentication flexibility is key to this company's need. iChain supports multiple authentication mechanisms, including NDS user ID and password, token-based authentication, and mutual SSL authentication. For certain types of data, this company will not only require a user id and password, but also a token.

As discussed above and as shown below in Figure 3, iChain provides a compelling answer to this customer's application management needs. iChain's extranet management capabilities meet the needs of this company to deploy Web-based applications and provide varying degrees of access to thousands of users worldwide.

Figure 3:iChain provides the platform and security to be the front end for this customer's Web application needs.

A customer can connect via a Web browser and be authenticated to this site. Based on that user's access rights granted by the administrator, the user will only have access to data and Web applications that are allowed.

A supplier will also connect to the Web site, be authenticated through the iChain proxy server and receive access to specific supplier-related information. The supplier can view current inventories of this manufacturer and automatically fill orders for parts that will be needed in the near future.

An employee will access the same site and be granted access to specific employee news, documents, and human resource information.

iChain's logging capabilities will monitor who has obtained access to all areas of the Web site and to what information. Once iChain is in place, this customer can also take advantage of this platform by adding e-commerce applications provided by Novell or any other e-commerce vendor.

E-Business Novell's Directory Commerce

Businesses-to-Business opportunities with Novell's Directory Commerce Services are virtually endless due to the fact that traditional methods of doing business are becoming more and more virtual. The following movie studio example illustrates how a company can use Novell's Directory Commerce Services on the iChain platform to further expand their business to the home audience.

Movie Studios, Inc. is a multimedia corporation that has produced and distributed movies for over 50 years. Their traditional distribution model consisted of completing a movie and distributing copies of it to tens of thousands of movie theaters across the globe. Upon the completion of the movies' theater life cycle, the movie is duplicated and distributed to hundreds of thousands of video establishments. They, in turn, provide the movie as a rental to their patrons. The movie is viewed, rewound, and returned to the respective video store who, in turn, compensates Movie Studios for its portion of the royalties for this movie rental.

The movie company is looking for a way to distribute this and other films into customer's homes via the World Wide Web and has the following goals for their Web site deployment:

  • Web-based access controls for the corporation's intranet and Internet Web environments

  • Provide an environment that can scale to very large numbers of users and information

  • Easy access to applications for employees and customers

With these goals in mind, the customer has set out to find a vendor who can respond to these needs most closely. Based on this request, Novell recommends Directory Commerce Services on the iChain platform because this company is interested in deploying content over the Web and applying very precise access controls in a community environment.

Novell addresses the company's goals with the following explanations:

  • Web-based access controls for the corporation's intranet and Internet Web environments

    This company's access to intranet and extranet will be directed to Novell's iChain Proxy server where the users will be authenticated to the Web site. Based on various policies that will be set up, this company's Administrators can require additional stronger security depending on the data that needs to be accessed. This will allow administrators to grant customers access to movies when viewing them over the Internet from their homes, for example. NDS rules such as Access Control Lists (ACLs) can also be passed to various Web applications for additional restrictions at the application level. Additionally, the iChain Proxy can pass configurable user information to any Web application. Contained in the HTTP header is administrator defined information that controls application logic and determines which Web pages (or movies) will be displayed to the user, group, or community.

    This company will also implement certificate-based security with Secure Socket Link (SSL) connections using Novell's iChain software.

  • Provide an environment that can scale to very large numbers of users and information

    DVD's of these movies will be placed in server racks and identified as objects in the store inventory database (NDS). Connections to these services are facilitated by DSL or cable modem connections to the home to ensure high speed access. Customers log into the service and are presented with the list of movies appropriate to them based upon their membership name (iChain policy management). Terms for viewing are presented via the Directory Commerce Services. If the payment terms are accepted, access is then granted and the movie begins.

    Key to this company's solution is using Novell's powerful eDirectory. This directory service has been tested to scale to over a billion users. Novell's eDirectory has proven reliability and is running at production sites around the world. Novell's eDirectory supports LDAP v. 3 and so any directory-based application that uses LDAP can use eDirectory as its store. Additionally, through DirXML other directories can be synchronized with eDirectory so that you can take advantage of those directories as well.

  • Easy access to applications for employees and customers

iChain provides Web acceleration through its reverse proxy technology and will provide users with fast access either inside or outside the company's firewall. Digitally mastered movies will be produced and placed on servers that are accessible only by members of the theater community. Requests for these movies are facilitated through the process of "community members" (Theaters) logging into the server and being authenticated as a valid member of the community. Terms for showing the movie are presented, along with the necessary marketing material and pricing elements. When the terms are accepted, the transaction is processed, and access to the movie is granted securely to the theater, thus eliminating the majority of the cost of goods associated with the traditional method of distribution. An illustration of how Movie Studios, Inc. would use iChain is shown in Figure 4.

Figure 4: iChain provides the security and infrastructure to allow commerce to be conducted at your site.

Summary

With more than eight years of production uptime, the NDS edirectory component of iChain is the most mature and proven directory in the world. NDS is the only fully distributed, manageable, and replicated directory. The NDS iChain database can be partitioned into manageable segments that can be distributed and replicated across your network. By replicating directory partitions throughout the network in this manner, if a server goes down that contains directory data, the replicated data will still be available from another server. This replication occurs automatically and transparently to your users. Additionally, NDS partition and replication operations can be performed with users logged into the system. As a result, iChain ensures that server failure, server maintenance, repair work, or temporary communication disruptions do not interfere with your e-business processes. iChain provides your internal and external customers continual access to all the information stored in the directory.

Delivering a full service platform for e-business is not a trivial task. Novell's years of experience and knowledge has made them the directory experts, as well as making NDS the market leader in directory services. As the most mature and robust industry proven directory, iChain is the only stand-alone, cross platform LDAP directory-based framework provides a secure foundation for deploying your e-business. To compete in the world of e-business, you need to know who your customers are and be able to provide them customized services. iChain lets you capture identity information on your customers and business partners so you can build secure and personalized e-relationships that let you cater to their individual needs in a way that dramatically improves customer loyalty and your e-business interactions. iChain enables you to extend the reach of your existing infrastructure to your employees, customers, and supply-chain partners, giving you complete control of all your critical e-business processes.

iChain enables you to simplify your network infrastructure by letting you integrate the users, applications, services, and processes of your electronic business into a single, cohesive structure. iChain eliminates the boundary between the intranet and the extranet and simplifies the user interface, the management experience, and the security model.

* Originally published in Novell AppNotes


Disclaimer

The origin of this information may be internal or external to Novell. While Novell makes all reasonable efforts to verify this information, Novell does not make explicit or implied claims to its validity.

© Copyright Micro Focus or one of its affiliates