Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

An Authentication Framework for Web Access to Remote Hosts



R P. McCormack, J E. Koontz, J E. Devaney


An authentication framework is described that provides a secure means for clients to access remote computing resources via the Web. Clients authenticate themselves to a proxy Web server using a secure protocol and a digital certificate. The server constructs a fingerprint (digest) of the certificate using a secure hash function. This hash value acts as a user's identification, which is used to obtain remote login information for that user from an authentication database. Client commands can then be executed by the Web server on remote hosts using the Secure Shell protocol. The system does not require a large amount of specialized software, and creates a secure, encrypted chain between the client and any number of remote resources.
- 6278
Report Number


remote access, security, SSH, SSL, Web access, WebSubmit


McCormack, R. , Koontz, J. and Devaney, J. (1999), An Authentication Framework for Web Access to Remote Hosts, - 6278, National Institute of Standards and Technology, Gaithersburg, MD (Accessed June 22, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created January 1, 1999, Updated October 16, 2008