Many companies today are faced with new security challenges as they move toward a service oriented architecture (SOA) or composite applications/mash-ups. For example, enterprise architects implementing the SOA transformation have to consider the impact to the existing enterprise security infrastructure.
SOA is inherently cross-domain and the loose coupling of applications creates context dependent security and access control risks. The proliferation of heterogeneous IT infrastructures with various (often incompatible) security policies makes it difficult to manage and enforce access controls. Even when technically possible, the cost of managing security, compliance and user access within each individual application is not tenable.
Application owners need to externalize security policy from their new composite applications and mash-ups - allowing centralized, consistent administration of application access and user entitlements. Similarly, IT/Security operations are looking to centrally manage and control access based on user attributes (i.e. roles), resource attributes (e.g., read-only), and various contexts such as 'time of day.'
To address these growing SOA security and application entitlement management needs, IBM Tivoli Security Policy Manager solution will dramatically reduce the management pains of SOA security by centralizing management of the end-to-end security aspects in an SOA environment as well as managing and enforcing fine-grained entitlements for Web-services composite applications and mash-ups.
For more information on a new Tivoli Security Policy management offering and the early access beta program, contact your IBM Tivoli representative.
We're here to help
Easy ways to get the answers you need.
Or call us at:
877-426-3774
Priority code:
109HJ03W
