Introduction

The SSL portal provides a simple list mechanism which will allow you to securely access the HTTPS websites that you use on a regular basis. An SSL portal is a web page that allows you to access secure web sites, and is itself a secure website. You will see that the NavWin web apps are all accessed using a secure website.

The reason for using an SSL portal is to overcome the problem of your session being hijacked by a man-in-the-middle attack. The idea behind the attack is that if you access an HTTPS website by clicking on a link that is not secure (i.e. only HTTP, which is the typical way to access most login screens from the home page) then your browser will not warn you if you are actually redirected somewhere else. This means you could end up entering data into a web site that looks like your target website (e.g. a bank online account) but is actually a fake.

I do not know how likely this is going to be for you personally, however it is a possibility in theory.

To overcome this problem, you must either:

a)      Access the link from a bookmark in your browser on your local client PC

b)      Access the link from a web page that is already secure

Now that I have told you about this problem (and if you are paranoid enough to care about it!) then you can now choose to use either method. If using (a), which you can do straight away, then you can start to bookmark your secure pages straight away. However the problem here is that you will still be vulnerable if accessing the website from another computer.

The advantage of using method (b) is that you can access the links from any computer in the world in a secure fashion. The only pre-requisite is that you will need to hand-enter, or bookmark, the top level NavWin link. Luckily this is fairly easy to remember if entering by hand from a different computer.