Tagged: XACML

Vordel Access Gateway

Business applications handle sensitive data such as personal identifiable information (PII), business transactions, and intellectual property. With the growing adoption of Service Oriented Architecture (SOA), Cloud computing, mobile devices, and rich user interface technologies like AJAX, these sensitive data are being accessed by an explosion of clients via application interfaces such as SOAP Web Services and REST APIs. Vordel Access Gateway is the “front door” for enterprise applications and SOA infrastructure, securing, controlling, and mediating application integration interfaces.

Download Vordel Access Gateway Data sheet



Webinar: Using Standards to Manage Access to SOA and Cloud Services

In this Webinar, participants will learn how a Gateway and a Policy Server work together to apply policies to SOA and Cloud services. These policies control not only who accesses the services, but also when they access the services, how they use the services, and how the access control decision is made. This Webinar will describe a best practice framework that scales to high-volume usage and allows reuse of policies, promoting efficiency and reducing time-to-market and developments costs.

Speakers:

Gerry Gebel
VP North America
Axiomatics		 Mark O’Neill
CTO
Vordel		 Felix Gaehtgens
Senior Analyst
Kuppinger Cole

What Will You Learn?

  • How to extend a secured environment beyond the corporate boundary and into the Cloud.
  • How to avoid heavy integration costs and generate higher returns on investment on existing infrastructures.
  • How an XML Gateway and XACML-based policy server combination provides maximum security with optimized access control.


alternately you can download this video in mov, wmv, webm or mp4 formats

To view this document please


Externalizing of Fine Grained Authorization

An Entitlements Server allows enterprises to externalize fine-grained authorization from an application’s logic

by Marc Chanliau  Originally published http://soa.sys-con.com/node/1923919

The recent spike in insider threats, coupled with a rise in compliance considerations, has forced organizations to ensure only authorized users access sensitive application functionality and data. Historically, user entitlements or authorization logic has been embedded inside an application. For example, if the user of an application meets specific conditions, such as a specific role, access to that application function will be granted at runtime. But if the definition of specific authorization conditions changes over time, then the application developer needs to modify the application’s source code, test, and re-deploy the application.
Continue reading