Enterprise Entitlement Management is one of the topics which will drastically gain in relevance during the coming few years. This is also reflected by Cisco´s acquisition of Securent. Securent´s technology uses XACML as a basis to control authorizations on different systems.
The Securent Entitlement Management Solution (EMS) uses XACML, SOAP, SAML and SPML for controlling the security settings of systems via rules. The rules define which users are authorized to carry out which activities and the conditions, under which this is possible. The rules are embedded in a hierarchical model of resources.
The goal is an extended control of authorizations down to the lowest level systems and by this to close the gap which for example occurs in Provisioning solutions between the central Provisioning administration and the local administration of Entitlements in target systems.
We are curious to observe how the actual integration will be realized. Cisco´s final interest is a security management of diverse applications from out of the network – to end up with providing a network service controlling the Entitlements. The concept of the network as a set of services has already been envisaged by Cisco in its SONA (Service-Oriented Network Architecture).
In principle, we agree that these kinds of Enterprise Entitlement solutions are useful and necessary, but we wonder if the level where this control takes place is the most promising. Generally, a centrally distributed management of rules is a reasonable strategy (see http://www.kuppingercole.de/articles/kol policies). But on which level and in which context this will be best realized remains to be seen. At first sight, Cisco`s answer of solving the problem on the level of the network infrastructure seems to be quite valid. But the same objective might be achieved on the basis of complete GRC solutions. Finally, the benefit of this acquisition will depend on how Cisco will realise the integration and which components will further be added to the Cisco portfolio in order to be able to provide complete Services in the form of an application security infrastructure. All things considered, Cisco`s step of acquiring Securent will make Enterprise Entitlement Management a matter of importance.
Created: 09.11.07, modified: 09.11.07