OpenIAM Access Manager is a robust, scalable solution built with Service Oriented Architecture. It integrates seamlessly with Identity Manager to provide users with a comprehensive solution that allows them to take control of not only who can access the systems, but what they can do once they are in there. Corporate security policy is enforced across multiple points and managed centrally to improve effectiveness and reduce administrative costs. The strategies that are used for access control need to take into account the cost of ownership in implementing a coarse-grained access control against the need for the high level of control available through fine-grained authorization.
Rich Web User Interface. User and Account Management. Group Management. Role Management. Resource Management. Policy Management.
Password Auth. Strong Authentication. Chained Authentication. Contextual Authentication (Risk Based Authentication). Windows Integrated Auth. Social Authentication (Facebook, LinkedIn, etc).
Coarse Grain. Fine Grain. Integration with Spring Security.
SSO to Cloud applications (Google, Salesforce.com, Box, Office365, Sharepoint, etc)
SAML 2, WS-Federation, OpenID. oAuth 2. WS-Security.
Application Server (Jboss 7, Tomcat 6.x, 7.x).`` Database (MySQL, Oracle, SQL Server). High Availability. Seamless Integration with IDM.
As organizations are tasked with becoming more responsive to market demands, a large number of them are adopting SOA. This architectural philosophy will allow companies to reuse existing services and deliver new business services to customers faster. SOA’s loosely coupled approach that allows accessing applications and services across domains has brought new challenges that complicate security.
The Access Gateway works well for providing coarse-grained authorization when protecting web applications. Requests go through a proxy, which applies authorization rules, and forwards the request to the underlying servers that provide the application. This model is simple to deploy and easy to maintain.User identity is checked and propagated through HTML header injections or query strings or authentication headers to applications hidden behind a proxy server. The real URL of these applications is hidden from the public view.
Each partner system, as well as your own application, may have its own set of new user id’s and passwords. Such applications move in and out of security domains. The user experience suffers when many login credentials have to be remembered.
The SSO feature can let your users login once and roam unchallenged through the security realm. For end users, it reduces the burden to remember an array of passwords and reduces the need to individually login to each application. Users may login once, and roam freely in secured domains without being challenged again. Participating domains are not required to give up their own logins and credentials. The ability to hold multiple identities, each with their own roles, permissions, access-levels and entitlements across multiple domains allows for a wide network of co-operating domains to communicate seamlessly. Authenticated subjects can access restricted resources requiring multiple logins and credentials without the need to login at each domain.
Unlike SSO solutions from many industry leaders, Open Access Manager’s solution is not based on a proprietary cookie. Instead it is based on SAML 2, a well-accepted industry standard. Using SAML allows OpenIAM Access Manager to not only provide SSO capability at the web application tier, but also across other layers such as Web Services. It also allows Open Access Manager to integrate easily with existing technologies that a company have.
Your business has partners, suppliers and other organizations. For them to collaborate effectively, identity information needs to be propagated. You need to know when a user at a partner site comes on board or leaves. You need Federation capabilities provided by the OpenIAM Access Manager. New revenue streams may be generated through enablement of trusted partnerships where authentication and authorization is carried out over federated business networks.
Federation refers to interoperation between entities in different security domains, either in different organizations, or in different tiers in the same organization.
A trust relationship must exist between the involved entities to federate identity and enable authentication across realms.
Each domain may rely on different technologies and mechanisms to authenticate and authorize.
Federation enables loose coupling at the IDM level separating the way each organization does its own security implementation while they adopt a common mechanism to propagate identity.
It is expensive for your partners to track user credentials and user attributes in your domain, as they do not have the same proximity to your users as you do. The OpenIAM Identity Manager integrates seamlessly with the OpenIAM Access Manager. OpenIAM can act as an identity provider and use Federation protocols to facilitate user provisioning and manage credentials and user attributes.
Rich Web User Interface
Windows Integrated Auth
PRICE ON REQUEST
Search Software Easily