Externalize Authorization - XACML and Beyond
- LANGUAGE: English DATE: Thursday, March 03, 2011 TIME: 18:00 CET, 12:00 EST
Externalizing and centralizing authorization from applications has recently gained momentum, as related standards like XACML have matured and experiences shared by early adopters have been positive. Obviously, potential benefits from a standardized method for authorization are tremendous. KuppingerCole Research therefore has defined a clear focus in the area of centralized authorization, monitoring the market and analyzing best practices. In this webinar, Martin Kuppinger will give an update on his recent findings and he will discuss with Doron Grinstein, CEO at authorization and XACML pioneer Bitkoo, on how to best include centralized authorization into your existing infrastructure.
Avoid hard-coded security. Can your applications work with existing directories? Can they rely on existing authentication system and thus use all the authentication mechanisms you might have in place? And if you can answer “yes” on these two simple questions, how about the real tough challenge: Can you manage the policies for authorization externally? Or do you have to change code once business rules are changing? And don’t you know exactly what has been coded in the applications? Externalization of security is key for audit ability and manageability of applications. And this isn’t really new – it is done for many years in mainframe environments and some other environments. Thus, it is about time to start doing this everywhere.
BiTKOO is the leading software vendor in the domain of externalized authorization (sometimes called entitlements management). BiTKOO products are delivered from the cloud or deployed on-premises, to protect both cloud applications and on-premises systems of any kind. The company’s software portfolio include Keystone, which is the fastest and most sophisticated XACML engine on the market; Keystone for SharePoint 2010 which transforms SharePoint from having rudimentary security controls to having enterprise-grade controls; Keystone STS which is a universal federation engine; DB-Wall which is the first database row and column level security firewall; SecureWithin which seamlessly exposes behind-the-firewall endpoints to authorized external users. BiTKOO provides what it calls “Defense-In-Depth” for systems of any kind. Unlike point solutions, the BiTKOO platform allows organizations to protect all the layers of their applications. Some of the world’s largest organizations have successfully deployed BiTKOO software for their most mission-critical systems.
Häufig beginnt die Suche nach einer Identity-Lösung mit einem ganz konkreten Schmerzpunkt im Unternehmen. Ein nicht bestandener Compliance-Audit wegen überhöhter Zugriffsberechtigungen, technische Probleme, wegen komplexer Systeme frustrierte User und eine Überforderung des Helpdesk mit Berechtigungsanforderungen und Passwort-Resets sind nur einige der vielen möglichen Ursachen. Selbst nach einer erteilten Budgetfreigabe für die Anpassung der IAM-Landschaft sind die Hürden vielfältig.