Sovay’s simple objective is to ensure that you’re ready for anything the security industry can throw at you.
Sovay provides a single request-for-authentication interface that decouples the authentication process from the application. Authentication methods can change over time, but your applications don’t have to know. The call return style interface simply provides pass/no-pass back to the application when authentication is completed; password, OTP through Sovay Multichannel, Multifactor Authentication share the same call and parameters.
Your applications can evaluate authentication levels and take advantage of Sovay step-up authentication. A simple call can enable step-up authentication. If the user is already authenticated at the required level, your application will get the green light.
Implementing and extending Sovay Authentication is cost effective and presents a consistent interface to users and applications.
Sovay can easily integrate into other technologies helping our customers to stay ahead of the pack. With security technologies advancing so quickly, it can be difficult to choose from existing vendors, especially since new vendors may offer (yet unseen) critical features and functions in the future. Sovay provides runtime components that can be included in a branded user interface. Our ActionScript libraries are quickly and seamlessly integrated using our toolkit, complete with source code for a running JSP implementation. Each technology library is isolated from other services through a single call Application Programming Interface (API) using XML for parameter passing.
Your procedural changes and technology selections can be configured using Sovay Administration Services (SAS). The system embeds a Sovay Workflow Interpreter (SWI) and Sovay Rule Engine (SRE). The SWI and SRE evaluate the user equipment and application security requirements in real-time. New rules are added through the SAS. Rules are written and Java and can contain arbitrarily complex logic and can, among other things, specify the SWI procedure used to verify the identity of the user.
Workflows are a concise set of instructions retrieved from the configuration database that contain information and parameters necessary to execute web services methods and interpret return values. There are under a dozen instructions that can be executed in wait, no-wait, and fire-and-forget mode. Each instruction is described in the configuration database. Extending the interpreter is as simple as adding a new descriptor to the configuration database and including it in a workflow.
Instruction logic is implemented in web service methods. The method implementation often requires database records to be created, read, updated, and deleted. Your new functions and libraries can participate in Sovay’s distributed transaction environment. You can define new persistence objects by simply adding them to Sovay’s Data Binding Objects (DBO) libraries. You can also modify existing objects in the same way.
Using the Sovay Software Development Kit (SDK), you can extend Sovay for your legacy authentication methods and for new authentication methods in the future.
