Is it possible to allow access to a website only for specific clients on specific machines?
I'm no security expert, but one idea I had is to generate a certificate that would work only on a specific machine (so if the certificate was stolen, it wouldn't work on other computers) and then somehow use that to authorize myself on the website (plus providing a username and password).
The security requirements are very high, and I would like to avoid developing a desktop application for scalability and maintainability reasons, but security becomes an issue.
Is this achievable on the web, or should this be a purely local application?
I would appreciate any reading material about this issue. Thank you.