Case study goes back to August '97, when my manager felt that our earlier used NIS-based authentication has reached its limits. Following requirements were placed for its successor: user account administration has to be done some third party users are not forced to learn yet another password users have to be able to change their passwords user groups have to be detailed enough so that all authentication can be based on groups. solution has to be comparable to commercial solutions on security issues Presentation will cover studied solutions (for username/password pair, user groups and secure communication between server and browser), implementation and integration as well as our experiences from our solution and future plans to improve it.

Juha Ylitalo is a system specialists in R&D department in Nokia Telecommunication. His responsibilities cover office network, UNIX-based office automation and R&D machines and management of departments WWW server. He can be reach from juha.o.ylitalo@ntc.nokia.com.