Banking on security - First Union National Bank ensures secure Web-based transactions with DCE middleware - includes related articles on security software in use at the University of Buffalo, DCE's evolution into a security component for Web-based extranets and intranets - Company Operations

Software Magazine,  Nov, 1997  by Barbara Francett

• E-mail
• Print
• Link

First Union National Bank is taking its business where few in the banking industry have gone before -- to the Internet. With its Cyberbanking Web application, First Union has delivered one of the first online consumer banking systems. By the end of 1998, the bank would like 10% of its 13 million customers to do their banking via "remote delivery channels" -- chief among them, the Web.

To reach its goal, however, First Union National Bank (FUNB) understands that they'll need to convince customers that their online financial transactions are as secure as any they would conduct with a teller. The bank is looking to DCE (Distributed Computing Environment) middleware and its vaunted security features to provide that level of comfort.

Most Popular Articles in Technology

An overview of continuous data protection

Why all those current ratings?

Many countries now have a mobile penetration rate above 100%, report says

The Tata Group's big telecom gamble: VSNL's recent acquisition of Tyco ...

MEASURING BANK BRANCH EFFICIENCY USING DATA ENVELOPMENT ANALYSIS: MANAGERIAL ...

More »

Headquartered in Charlotte, N.C., FUNB is the nation's sixth-largest banking company, with $137 billion in assets. Its 1,996 offices are scattered from Connecticut to Florida, comprising the country's second-largest branch banking system. Now, the bank is looking to reap big business benefits with its online services -- not only does the Cyberbanking app offer customers 24x7 availability from their home PCs, it also reduces the need to build and staff new branches. Together, such benefits translate into competitive advantage.

At www.firstunion.com, bank customers can view processed checks, check the status of interest or brokerage accounts, transfer funds, examine statements, order checks, and pay bills. In short, they can perform any banking chore that does not involve money physically changing hands. And there's no charge for this service.

"We are tapping the potential of the Internet so customers do not have to tie up their phone lines," says Adi Khindaria, FUNB's vice president of Internet operations. Telephone-based access, he says, is the approach most banks take to remote banking. "If you have a faster route to the Internet -- using an ISDN line, say -- you can do your browsing and your banking at the same time."

To take advantage of this "anytime, anywhere banking," customers need only a PC, a modem, and a standard Web browser. First Union's research shows that 30% of their customers have access to the Internet.

"FUNB realizes that the 'local branch' is becoming the local Web browser," says Jon Stumpf, infrastructure consulting manager at Transarc Corp., a middleware software provider. "Any function that can be performed at the local office -- other than the exchange of cash -- can be more efficiently performed at the Web site."

DCE to the Rescue

The design of the Cyberbanking application is driven by customer needs, says Khindaria, and the primary customer concern with an Internet banking system is security. "One of the major concerns is that if you open yourself up to the Internet you have to have secure systems. Security is our major theme," he says. The effectiveness of FUNB's security measures has been proven by independent security agency tests, he adds.

"The fundamental problem people have [with doing business on the Web] is a little funnel called the Web server for exchanging information," says Jim Hurley, director of operating environments at The Aberdeen Group in Boston. "How do you appropriately segment information to flow to the right people? The answer is authorization and access controls."

The bank uses a multilayered "onion model" to provide network, system, application, and access security for Cyberbanking, Khindaria says. DCE's security services, which enable encrypted communications between machines as well as authenticated remote procedure calls (RPCs), provide the foundation for system-level security.

Key to the success of Cyberbanking is DCE's Distributed File System component. "We have a 100% uptime requirement. We chose the technology because of its inherent redundancy," Khindaria says. "DFS allows us to replicate, to move into the next generation of hot backups, with filesets replicated in three different geographical locations. This also adds convenience to our management of the content." FUNB uses Encina, Transarc's DCE-based transaction processing middleware, to supply the DCE technology the application requires. In addition to the DCE security, directory, and distributed file system features, Encina-DCE also provides transactional RPCs, audit trails, transactional rollback, and two-phase commit capabilities, Khindaria says.

To ensure security, Cyberbanking's multi-tiered architecture relies upon a middle tier known as the "demilitarized zone" (DMZ). The Web and application servers, as well as DFS clients, reside in this tier. The DMZ lies between customer PCs and the DFS file servers and core DCE services, and communicates with mainframe hosts and legacy systems on the back end. IBM MQSeries messaging software provides asynchronous communication to the host, while an Encina PPC gateway provides synchronous host communications.

"File servers and core infrastructure machines run in the trusted environment," explains Transarc's Stumpf. "Routers separate the DMZ [from the front and back ends]. Traffic is not allowed to cross lines," he says. Direct connections are not permitted between the tiers; connections can only be made by proxy. With this approach, Stumpf says, any attempt to breach security would take such a long time it would inevitably be noticed and countered.

Find Research Guides for:

• Abortion
• ADHD
• AIDS
• Alternative Energy
• Alternative Medicine
• Cancer
• Capital Punishment
• Cloning
• Hate Crime
• Cryonics
• Drug Abuse
• Eating Disorders
• Gay Issues
• Global Warming
• Holidays
• Immigration
• Medical
• Men's Health
• Mental Health
• Real Estate
• Stem Cells
• Women's Health

Find Featured Titles for: Health

• AAACN Viewpoint
• ABNF Journal, The
• AIDS Treatment News
• AMAA Journal
• Aboriginal Nurse, The
• Adolescence
• Adolescent Psychiatry
• Advances in Skin & Wound Care
• Age and Ageing
• Alabama Nurse
• Alberta RN
• Alcohol Research & Health
• Alternative Medicine Review
• American Family Physician
• American Fitness
• Men's Fitness
• Psychology Today
• Shape

Most Popular Articles in Technology

• An overview of continuous data protection
• Why all those current ratings?
• Many countries now have a mobile penetration rate above 100%, report says
• The Tata Group's big telecom gamble: VSNL's recent acquisition of Tyco ...
• MEASURING BANK BRANCH EFFICIENCY USING DATA ENVELOPMENT ANALYSIS: MANAGERIAL ...
• More »

Most Popular Publications in Technology

• Computer Technology Review
• Japan, Inc.
• Communications News
• Internet Business News
• Macworld
• More »