Spyglass' Open Security Architecture

Enhanced Mosaic Security Framework:

• Emphasizes modularity, open standard, linkable security libraries

• Multiple, user-selectable security modules

• Suggests a particular menu interface to security module

• Passes off stated protocol responsibility to security modules

• Module may use smartcards or open their own network connections

Spyglass' "Ehanced Mosaic" supports a few schemes now:

Basic Authentication
MD5 Message Digest Authentication
Electronic Business Co-op Payment scheme
First Virtual (quasi-secure credit card transactions)

Other security mechanisms to be made into modules:

Secure HTTP, with and without signatures
SmartCards: DoD "Fortezza" card system, V-One's "SmartCAT"
OpenMarkets Digital Payment system
Kerberos-based schemes

Position Paper on Electronic Commerce Standards for WWW