Identity and Access Management Solution Overview

Date posted: 25-Dec-2015
Uploaded by: rolf-lyons
63 pages

Transcript
Page 1: Identity and Access Management Solution Overview.

Identity and Access Management Solution Overview

Page 2: Identity and Access Management Solution Overview.

The Netegrity Identity and Access Management Solution
For Legacy, Web and Service-Oriented Architectures

Enforcement
– Access Management: SiteMinder
– Web Services Access Management: TransactionMinder

Administration
– User Administration: IdentityMinder, Web Edition
– Resource Provisioning: IdentityMinder, Provisioning Edition

The Netegrity Solution

Page 3: Identity and Access Management Solution Overview.

The Application Silo Challenge

Each application (CRM, ERP, HR, partner extranet, SCM, customer self-service, e-commerce) serving employees, partners and customers carries its own stack: application layer, security layer, user store and operating system. The user stores differ per silo (SQL 2000, SunONE LDAP, Oracle OID, Oracle RDBMS, Active Directory, Oracle, PKI certificates, generic LDAP), so one person ends up with a different identifier in each of them, for example J_Doe1211960, John Doe A23JJ4, John_D and Johnd.

Consequences:
– High security administration costs, expensive coding and maintenance, poor user experience
– No centralized security enforcement, no standardized security process, no central auditing capability

Page 4: Identity and Access Management Solution Overview.

SiteMinder in Action

Request path: users (employees, partners, customers) -> firewall -> web server with SiteMinder Agent -> firewall -> SiteMinder Policy Server -> user and entitlement stores (LDAP, RDBMS, mainframe, NT domain).

For every request the agent asks the Policy Server:
1) Is the resource protected?
2) Is the user authenticated? (credentials such as jdoe / ******** are checked against the configured authentication scheme)
3) Is the user authorized?

Secured applications behind the agents include CRM, customer service, channel and e-commerce sites; supply chain and intranet; finance, HR/payroll, eCommerce and extranet.

Page 5: Identity and Access Management Solution Overview.

Native Directory Enabled

Map to existing user stores (NT, LDAP, AD, ODBC, RACF)
– No embedded database required
– Eliminates user store synchronization issues

Separate authentication and authorization stores
– Chain directories: the authentication namespace and the authorization namespace can be different directories

Supports multiple user directories
– Including databases and mainframes

Deployment note from the diagram: the web server with the SiteMinder Agent sits in the DMZ; user data is held only by the Policy Server and the directories behind it, so no user data is stored in the DMZ.

Page 6: Identity and Access Management Solution Overview.

Single Sign-On: Microsoft Environment (mycompany.com)

– An MS IIS web server with SiteMinder Agent (hosting Outlook Web Access) and a Unix web server with SiteMinder Agent both front a SiteMinder Policy Server
– User stores: Active Directory and SQL Server
– Windows Integrated Security: authenticate to your desktop and access all your enterprise web applications, including the Microsoft application logins

Page 7: Identity and Access Management Solution Overview.

Single Sign-On: Netegrity Secure Proxy Server

Turnkey proxy solution for SSO; session tracking options:
– Mini cookie
– SSL ID
– URL rewrite

Enhanced security: the proxy server sits in the DMZ between the firewalls and only the defined target destination web servers are reachable through it; the SiteMinder Policy Server, the user and entitlement stores, web apps, ERP/CRM, J2EE apps and other backend resources stay behind the inner firewall.

Deployed at VISA VOL.

Page 8: Identity and Access Management Solution Overview.

Single Sign-On: Application Server Environment

J2EE application server agents for IBM WebSphere and BEA WebLogic
– Enable SSO across the enterprise, including J2EE application server based applications
– Leverage SiteMinder’s broad range of authentication system support
– Centralized authorization management and audit services

Topology: users -> firewall -> web server -> J2EE application server with agent -> firewall -> SiteMinder Policy Server, user and entitlement stores, and backend resources (web apps, ERP/CRM, J2EE apps).

Page 9: Identity and Access Management Solution Overview.

Single Sign-On: Enterprise Applications

– Enables SSO across the enterprise, including ERP/CRM systems: SAP, Siebel, PeopleSoft and Oracle
– Leverages SiteMinder’s broad range of integrated authentication systems
– Provides centralized authorization management and audit services

Topology: users -> firewall -> web server -> enterprise applications (SAP, Siebel, PeopleSoft) -> firewall -> Netegrity Policy Server and user and entitlement stores.

Page 10: Identity and Access Management Solution Overview.

Authentication Management: Broad Support for Authentication Systems

Methods
– Passwords, passwords over SSL, forms-based
– X.509 certificates, with full CRL and OCSP support
– Smart cards, two-factor tokens, biometric devices
– SAML
– Custom methods and combinations of methods

Management
– Authentication levels
– Directory chaining
– Configured fallbacks to other authentication schemes

Page 11: Identity and Access Management Solution Overview.

Authentication Management: Password and Account Management

Password Management
– Expiration with warning and grace period
– Composition rules: max/min length, repeating characters, case sensitivity, reusability
– Difference (%) measure between the old and the new password
– Editable password dictionary to prohibit certain words
– Prohibition of user profile attributes (name, address, etc.) in the password

Account Management and Auditing
– Forgotten password support
– Redirects
– Password and login history
– Lock-out: permanently, after successive failed passwords, on inactivity, until or after a certain date, for login before a specific date, or via the disable field in MS AD and Sun ONE
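Added example, not from the slides and not Netegrity code: a checker that implements the composition rules listed above (length, repeating characters, reuse against history, percentage difference from the previous password, a prohibited-word dictionary, and profile attributes appearing in the password). The thresholds, the rule names it returns and the helper functions are assumptions chosen for illustration; the slide names the rules but gives no values.

```python
import difflib
from dataclasses import dataclass, field


@dataclass
class PasswordPolicy:
    """Thresholds are assumptions for the example; the slide names the rules, not the values."""
    min_length: int = 8
    max_length: int = 64
    max_repeating: int = 2          # longest run of one character that is allowed
    history_depth: int = 5          # number of previous passwords that may not be reused
    min_difference_pct: int = 50    # new password must differ from the old one at least this much
    case_sensitive: bool = True     # whether the reuse comparison is case sensitive
    dictionary: set = field(default_factory=set)


def longest_run(s: str) -> int:
    """Length of the longest run of one repeated character in s (0 for empty)."""
    best = run = 1 if s else 0
    for prev, cur in zip(s, s[1:]):
        run = run + 1 if prev == cur else 1
        best = max(best, run)
    return best


def difference_pct(old: str, new: str) -> int:
    """Percentage by which new differs from old: 0 (identical) to 100 (nothing in common)."""
    if not old:
        return 100
    ratio = difflib.SequenceMatcher(None, old.lower(), new.lower()).ratio()
    return round((1 - ratio) * 100)


def check_password(policy: PasswordPolicy, new: str, history: list, profile: dict) -> list:
    """Return the list of violated rules (empty means acceptable).
    history holds the user's previous passwords, oldest first; profile maps
    attribute names (name, address, ...) to their values."""
    violations = []
    key = (lambda s: s) if policy.case_sensitive else str.lower
    if len(new) < policy.min_length:
        violations.append("too short")
    if len(new) > policy.max_length:
        violations.append("too long")
    if longest_run(new) > policy.max_repeating:
        violations.append("repeating characters")
    recent = history[-policy.history_depth:] if policy.history_depth else []
    if any(key(new) == key(old) for old in recent):
        violations.append("reused password")
    if history and difference_pct(history[-1], new) < policy.min_difference_pct:
        violations.append("too similar to previous password")
    lowered = new.lower()
    if any(word.lower() in lowered for word in policy.dictionary):
        violations.append("dictionary word")
    for attr, value in profile.items():
        # any word of the profile value (3+ characters) appearing in the password is a hit
        if any(len(tok) >= 3 and tok.lower() in lowered for tok in str(value).split()):
            violations.append(f"contains profile attribute {attr}")
    return violations


# Constructed sample data for a stand-alone run.
POLICY = PasswordPolicy(dictionary={"password", "welcome"})
PROFILE = {"name": "John Doe", "mail": "jdoe@example.com"}
HISTORY = ["Winter2004!x"]

if __name__ == "__main__":
    for candidate in ("Tq7#vLp9zR!m", "Winter2004!x", "aaa12345", "John1234567", "MyPassword99"):
        print(candidate, check_password(POLICY, candidate, HISTORY, PROFILE) or "ok")
```

The difference measure is computed on the lower-cased strings with difflib's similarity ratio, so a case change alone scores as no difference, which is the behaviour the "difference (%)" rule is meant to enforce.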

Page 12: Identity and Access Management Solution Overview.

Authorization Management: Centralized Policy Management

– Restrict access by user, role, group, dynamic group, or exclusion
– Controlled “impersonation” of users by other users
– Fine-grained authorization at the file, page, or object level
– Determine access based on location and time
– Policies can send static, dynamic (SQL queries), or profile attributes in responses
– Redirect users based on the type of authentication or authorization failure
– Policies can be global or local

A SiteMinder policy is built from:
– Rule or rule group: allows or denies access to a resource
– Users or groups in a directory: users, groups, exclusions, roles
– Response or response group: the action that occurs when a rule fires
– IP address (e.g. 1.2.3.4) that the policy applies to
– Time when the policy can or cannot fire
– Active response (optional): dynamic extension of the policy
– eTelligent rule (optional): expression using contextual data or web services
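Added example, not from the slides and not SiteMinder's own code: a small policy-server evaluator that walks the three questions of the "SiteMinder in Action" slide (is the resource protected? is the user authenticated, and at a high enough authentication level? is the user authorized?) over policies built the way this slide describes them (rule + users/groups/exclusions + IP restriction + time window + responses). The realm and policy data model, the decision strings, the sample policies and the header name it returns in a response are assumptions for illustration; the page does not define any of them.

```python
from dataclasses import dataclass, field
from datetime import datetime
from fnmatch import fnmatch
from ipaddress import ip_address, ip_network


@dataclass
class Realm:
    prefix: str          # URL prefix the realm covers, e.g. "/finance/"
    protected: bool      # step 1: unprotected realms pass straight through
    auth_level: int      # step 2: minimum authentication level a session must hold


@dataclass
class Rule:
    resource: str        # glob under the realm, e.g. "/finance/*"
    actions: set         # HTTP methods the rule covers
    allow: bool = True   # False makes this a deny rule


@dataclass
class Policy:
    rule: Rule
    users: set = field(default_factory=set)
    groups: set = field(default_factory=set)
    exclusions: set = field(default_factory=set)   # users the policy never matches
    networks: list = field(default_factory=list)   # CIDR strings; empty means any address
    hours: tuple = (0, 24)                         # [start, end) hour when the policy may fire
    responses: dict = field(default_factory=dict)  # headers handed to the application on allow


@dataclass
class Session:
    user: str = ""                                 # empty means not authenticated
    groups: set = field(default_factory=set)
    auth_level: int = 0


def decide(realms, policies, session, url, action, client_ip, now):
    """Return (decision, responses); decision is 'unprotected', 'challenge', 'allow' or 'deny'."""
    realm = next((r for r in realms if url.startswith(r.prefix)), None)
    if realm is None or not realm.protected:
        return "unprotected", {}                                  # step 1
    if not session.user or session.auth_level < realm.auth_level:
        return "challenge", {"required_level": realm.auth_level}  # step 2: (re)authenticate
    allowed, responses = False, {}
    for p in policies:                                            # step 3
        r = p.rule
        if not fnmatch(url, r.resource) or action not in r.actions:
            continue
        if session.user in p.exclusions:
            continue
        if (p.users or p.groups) and not (session.user in p.users or p.groups & session.groups):
            continue
        if p.networks and not any(ip_address(client_ip) in ip_network(n) for n in p.networks):
            continue
        if not (p.hours[0] <= now.hour < p.hours[1]):
            continue
        if not r.allow:
            return "deny", {}                                     # a matching deny rule wins
        allowed = True
        responses.update(p.responses)
    return ("allow", responses) if allowed else ("deny", {})


# Constructed configuration for a stand-alone run.
REALMS = [Realm("/public/", False, 0), Realm("/intranet/", True, 1), Realm("/finance/", True, 2)]
POLICIES = [
    Policy(Rule("/intranet/*", {"GET"}), groups={"employees"},
           responses={"SM_User_Application_Roles": "staff"}),
    Policy(Rule("/finance/*", {"GET", "POST"}), groups={"finance"}, exclusions={"contractor1"},
           networks=["10.0.0.0/8"], hours=(8, 18),
           responses={"SM_User_Application_Roles": "finance-user"}),
    Policy(Rule("/finance/admin/*", {"GET", "POST"}, allow=False), groups={"employees"}),
]
EMPLOYEE = Session("jdoe", {"employees", "finance"}, auth_level=2)
NOW = datetime(2005, 3, 1, 10, 0)          # constructed: a weekday at 10:00
AFTER_HOURS = datetime(2005, 3, 1, 20, 0)

if __name__ == "__main__":
    for url, ip, when in (("/finance/reports", "10.1.2.3", NOW), ("/finance/reports", "10.1.2.3", AFTER_HOURS),
                          ("/finance/admin/users", "10.1.2.3", NOW), ("/public/index.html", "1.2.3.4", NOW)):
        print(url, ip, when.hour, decide(REALMS, POLICIES, EMPLOYEE, url, "GET", ip, when))
```

The session with a lower authentication level than the realm requires gets a challenge rather than a deny, which is how the "authentication levels" and "configured fallbacks" on the authentication management slide surface at the agent: the user is sent back to a stronger scheme, not refused.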

Page 13: Identity and Access Management Solution Overview.

Federated Security Services

The user authenticates at www.SiteMinder.com and then reaches www.PartnerA.com and www.PartnerB.com over the Internet with SSO. The authenticating site acts as SAML Producer; the partner sites act as SAML Consumers, either with their own SAML support or through the SAML Affiliate Agent (SAA).

Page 14: Identity and Access Management Solution Overview.

Federated Security Services: SAML Producer with SAML Affiliate Agent (SAA)

The user authenticates at www.SiteMinder.com and gets SSO to www.PartnerA.com and www.PartnerB.com over the Internet, each partner running an SAA.

SiteMinder site conducts authentication
– User profile must exist at www.SiteMinder.com

Light-weight web plug-in at partners
– Security product/SAML support not required at partners
– Converts SAML attribute assertions into HTTP header variables, providing user profile information to the web application
– Synchronized session between sites: single sign-on/off
– Centralized auditing and reporting
– Event notification services

Page 15: Identity and Access Management Solution Overview.

Federated Security Services: SAML Producer

The user authenticates at www.SiteMinder.com and gets SSO to www.PartnerA.com and www.PartnerB.com over the Internet.

SiteMinder site conducts authentication
– User profile must exist at www.SiteMinder.com
– Generates the SAML artifact

SAML Consumer capability required at partners
– SiteMinder or an equivalent capability: a competitive IAM system, toolkit, or standards-compliant platform
– Functionality available to partners depends on the capability of the local security tool
– No Netegrity software required at partners

Page 16: Identity and Access Management Solution Overview.

Federated Security Services: SAML Consumer

The user authenticates at www.PartnerA.com or www.PartnerB.com and gets SSO to www.SiteMinder.com over the Internet.

Security product at PartnerA/B conducts authentication
– May or may not be SiteMinder
– Could be a competitive IAM system, toolkit, or standards-compliant platform

SiteMinder conducts SAML-based authorization and SSO
– Partner-user to SiteMinder-user mapping is flexible: one-to-one (account-to-account) or many-to-one
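Added example covering the SAML Producer slide (artifact generation) and this SAML Consumer slide (resolution, validation and the one-to-one / many-to-one user mapping); it is not code from the slides or from Netegrity. It simulates the SAML 1.1 browser/artifact profile in one process: the artifact layout is the real SAML 1.1 type 0x0001 (type code + 20-byte SourceID + 20-byte AssertionHandle, base64), but the in-memory assertion, the direct method call that stands in for the SOAP back-channel request, the site names and the mapping tables are assumptions for illustration.

```python
import base64
import hashlib
import os
from datetime import datetime, timedelta

TYPE_CODE = b"\x00\x01"                     # SAML 1.1 artifact type 1


class SamlProducer:
    """The authenticating site (www.SiteMinder.com on the slide). It hands out
    an artifact to the browser and releases the assertion once, on the back channel."""

    def __init__(self, issuer, assertion_ttl=timedelta(minutes=5)):
        self.issuer = issuer
        self.source_id = hashlib.sha1(issuer.encode()).digest()   # 20 bytes, per SAML 1.1
        self.ttl = assertion_ttl
        self._pending = {}                                        # assertion handle -> assertion

    def issue_artifact(self, user, audience, now):
        handle = os.urandom(20)
        self._pending[handle] = {
            "issuer": self.issuer, "subject": user, "audience": audience,
            "not_before": now, "not_on_or_after": now + self.ttl,
        }
        return base64.b64encode(TYPE_CODE + self.source_id + handle).decode()

    def resolve(self, artifact, requester):
        """Back-channel resolution. The artifact is single use: a second lookup fails."""
        raw = base64.b64decode(artifact)
        if raw[:2] != TYPE_CODE or raw[2:22] != self.source_id:
            return None
        assertion = self._pending.pop(raw[22:42], None)
        if assertion is None or assertion["audience"] != requester:
            return None                                           # unknown, replayed, or wrong partner
        return assertion


class SamlConsumer:
    """A partner site: resolves the artifact, validates the assertion, maps the
    partner user to a local account and opens a local session."""

    def __init__(self, site, trusted_issuer, producer, mapping, default_user=None):
        self.site, self.producer = site, producer
        self.trusted_issuer = trusted_issuer
        self.trusted_source_id = hashlib.sha1(trusted_issuer.encode()).digest()
        self.mapping = mapping              # one-to-one: partner user -> local account
        self.default_user = default_user    # many-to-one: everyone else -> this shared account
        self.sessions = {}                  # local account -> partner subject

    def consume(self, artifact, now):
        raw = base64.b64decode(artifact)
        if len(raw) != 42 or raw[2:22] != self.trusted_source_id:
            return None                     # SourceID selects the producer; unknown source is ignored
        assertion = self.producer.resolve(artifact, requester=self.site)
        if assertion is None or assertion["issuer"] != self.trusted_issuer:
            return None
        if not (assertion["not_before"] <= now < assertion["not_on_or_after"]):
            return None                     # expired or not yet valid
        local = self.mapping.get(assertion["subject"], self.default_user)
        if local is None:
            return None                     # no mapping and no shared account
        self.sessions[local] = assertion["subject"]
        return local


# Constructed parties and clock for a stand-alone run.
T0 = datetime(2005, 1, 1, 12, 0)
MINUTE = timedelta(minutes=1)
PRODUCER = SamlProducer("www.SiteMinder.com")
PARTNER_A = SamlConsumer("www.PartnerA.com", "www.SiteMinder.com", PRODUCER,
                         mapping={"jdoe": "partnera-jdoe"}, default_user="partner-guest")

if __name__ == "__main__":
    art = PRODUCER.issue_artifact("jdoe", "www.PartnerA.com", T0)
    print("first use:", PARTNER_A.consume(art, T0 + MINUTE))
    print("replay:", PARTNER_A.consume(art, T0 + MINUTE))
```

Three checks carry the security of the profile and are easy to drop in a quick integration: the assertion is released exactly once, the producer checks that the requesting partner is the assertion's audience, and the consumer enforces the validity window. The many-to-one mapping is convenient for partner portals but every partner user then shares one audit identity, so the consumer records the partner subject beside the local account.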

Page 17: Identity and Access Management Solution Overview.

Enterprise Class Manageability: Auditing and Reporting

Managers need reports to:
– Fine tune the infrastructure
– Show compliance with security policies and regulations

SiteMinder provides:
– A schema for the reporting RDBMS
– Stored procedures that generate access, activity, intrusion and audit reports

Access reports: hourly and daily rollup access reports; hourly and daily authentication, authorization and administrator access reports.
Activity reports: activity rollup, user activity, agent activity, resource usage/activity.
Intrusion reports: intrusion rollup, intrusion by user, intrusion by agent.
Audit reports: audit rollup, audit by resource, audit by administrator.

Page 18: Identity and Access Management Solution Overview.

High Performance Architecture

– Automatic fail-over, including cluster-to-cluster fail-over (SM 6.0)
– Agent to Policy Server dynamic load balancing
– Policy Server to directory server load balancing and fail-over
– 2-level caching: policy and rules caches in each Policy Server, plus a cache in each web agent
– 8 processor support (SM 6.0)
– 128-bit RC4 encryption on the agent to Policy Server links; audit log written over ODBC; replicated directory servers

Caveat for anyone still running this: RC4 is no longer considered a safe cipher (RFC 7465 prohibits RC4 cipher suites in TLS), so the 128-bit RC4 figure quoted here should not be read as adequate protection for the agent to Policy Server channel today.

Page 19: Identity and Access Management Solution Overview.

Broad Platform Support: Leverages Existing Investments

Web agents: Microsoft IIS, Sun ONE, Apache, HP Apache, Lotus Domino, IBM HTTP, Oracle HTTP, Domino Go

Policy Server platforms: MS NT/Win 2000/Win 2003, Sun Solaris, HP-UX, Red Hat Enterprise Linux

User directories: Sun Java System Directory Server, NT Domains, Microsoft Active Directory, IBM Directory Server, Novell eDirectory, MS SQL Server, Oracle RDBMS, Siemens DirX, Oracle Internet Directory, Critical Path Directory Server, Lotus Domino LDAP, CA eTrust

Authentication systems: passwords, passwords over SSL, forms-based, X.509 certificates with full CRL and OCSP support, smart cards, two-factor tokens, method chaining, SAML, custom methods, biometric devices, combination of methods

Other systems: application servers (BEA WebLogic, IBM WebSphere); ERP/CRM (PeopleSoft, Siebel, SAP, Oracle); RADIUS network access devices, firewalls, communication servers

Page 20: Identity and Access Management Solution Overview.

Solution Modules

– Mobile Authentication Module: authentication by passcodes delivered wirelessly to your handheld devices
– User Context Gateway: provides SSO to Microsoft applications like OWA and Citrix NFuse
– Limit Concurrent Login: prevents users from authenticating twice and accessing the site from two or more browsers simultaneously
– Impersonation (a module in SM 5.x; out of the box in SM 6.0): allows one user to impersonate another while still maintaining control, security and the ability to audit
– SmFTP Server: SiteMinder-enabled FTP server

Page 21: Identity and Access Management Solution Overview.

TransactionMinder® Key Features

The industry’s first policy-based solution to protect access to Web services, sitting alongside authentication and access management, user administration, and resource provisioning in the Netegrity stack. Deployed at VISA ROL and CCDR.

– Centralized policy-based authentication, authorization, and audit: provides a single point of access control and administration for the whole enterprise
– Synchronized sessioning: enables single sign-on across multiple Web services used in the same transaction
– Shared Web services security platform: avoids creating an isolated island of security; Web services are one of many resources that must be secured by the enterprise
– Seamless integration with existing SiteMinder®-enabled sites
– Open, platform-neutral architecture: supports all major relevant web services standards (XML/SOAP, WS-Security, SAML, XML Signature); no investment in proprietary technologies is required

Page 22: Identity and Access Management Solution Overview.

Introducing TransactionMinder: Complete Web Services Security Solution

Topology: a Web services consumer calls over the Internet into the Web services provider, where the TransactionMinder XML Agent in front of the Web service(s) consults the Netegrity Policy Server (backed by the user directories) before the request reaches the back-end application. Policies define authentication, authorization, audit, federation and session management.

Designed to provide secure access to Web services
– Authentication based on message content and Web services standards such as WS-Security, SAML, XML Signature
– Runtime authorization rules based on the content of a business payload, e.g., a purchase order

Centralized authentication, authorization, audit, and federation services
– Leverages and extends the core Netegrity Policy Server
– Delivers security policy as a “shared service”

Support for industry-leading Web services frameworks and standards

Page 23: Identity and Access Management Solution Overview.

TransactionMinder Features

Content-based authentication
– XML Document Credentials Collector (DCC)
– XML Signature
– Sessioning (expressed as a SAML session assertion)
– WS-Security, supporting three security tokens: password digest, X.509 certificates, and SAML assertions
– XML Encryption (new in TransactionMinder v6.0)

New Policy Server XML response types
– SAML session assertion generation (in SOAP envelope, HTTP header, or cookie)
– WS-Security header generation, supporting the same three security tokens: password digest, X.509 certificates, and SAML assertions

Dynamic authorization policy model
– eTelligent™ Rules using TransactionMinder-specific variables in policy expressions

Page 24: Identity and Access Management Solution Overview.

WS-Security Authentication Scheme

Producing and consuming three WS-Security-bound security tokens (WSSE)
– Password digest
– X.509 certificates
– SAML 1.1 assertions

WS-Security utilities (WSU)
– Digital signatures (using TransactionMinder v6.0’s key database functionality)
– Message timestamps

WS-Security encryption, production and consumption (new in TransactionMinder v6.0)
– Encryption and decryption of tokens and message elements included in SOAP messages using WS-Security
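Added example, not from the slides and not TransactionMinder code: producing and consuming the first of the three WSSE tokens above, a UsernameToken with a password digest, together with the WSU timestamp the slide lists. The digest follows the OASIS WSS UsernameToken Profile 1.0 (Base64(SHA-1(nonce + created + password))) and the namespace URIs are the real 2004 ones; the credential store, the five-minute freshness window, the in-memory nonce cache and the function names are assumptions for illustration.

```python
import base64
import hashlib
import os
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
DIGEST_TYPE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest"
B64_TYPE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
NS = {"wsse": WSSE, "wsu": WSU, "soap": SOAP}
TIME_FMT = "%Y-%m-%dT%H:%M:%SZ"


def password_digest(nonce: bytes, created: str, password: str) -> str:
    """UsernameToken Profile 1.0: Base64(SHA-1(nonce + created + password))."""
    return base64.b64encode(hashlib.sha1(nonce + created.encode() + password.encode()).digest()).decode()


def build_envelope(username: str, password: str, body_xml: str, now: datetime) -> str:
    """Producer side: a SOAP envelope whose Security header carries the UsernameToken."""
    nonce = os.urandom(16)
    created = now.strftime(TIME_FMT)
    return f"""<soap:Envelope xmlns:soap="{SOAP}">
  <soap:Header>
    <wsse:Security xmlns:wsse="{WSSE}" xmlns:wsu="{WSU}">
      <wsse:UsernameToken>
        <wsse:Username>{username}</wsse:Username>
        <wsse:Password Type="{DIGEST_TYPE}">{password_digest(nonce, created, password)}</wsse:Password>
        <wsse:Nonce EncodingType="{B64_TYPE}">{base64.b64encode(nonce).decode()}</wsse:Nonce>
        <wsu:Created>{created}</wsu:Created>
      </wsse:UsernameToken>
    </wsse:Security>
  </soap:Header>
  <soap:Body>{body_xml}</soap:Body>
</soap:Envelope>"""


class UsernameTokenConsumer:
    """Consumer side: recomputes the digest, enforces Created freshness and rejects nonce replays."""

    def __init__(self, passwords: dict, max_skew=timedelta(minutes=5)):
        self.passwords = passwords          # username -> password (assumed credential store)
        self.max_skew = max_skew
        self.seen_nonces = set()

    def authenticate(self, envelope: str, now: datetime):
        """Return (username, 'ok') on success or (None, reason) on rejection."""
        root = ET.fromstring(envelope)
        tok = root.find("soap:Header/wsse:Security/wsse:UsernameToken", NS)
        if tok is None:
            return None, "no UsernameToken"
        pw = tok.find("wsse:Password", NS)
        if pw is None or pw.get("Type") != DIGEST_TYPE:
            return None, "unsupported password type"
        user = tok.findtext("wsse:Username", namespaces=NS)
        nonce = base64.b64decode(tok.findtext("wsse:Nonce", namespaces=NS))
        created = tok.findtext("wsu:Created", namespaces=NS)
        created_at = datetime.strptime(created, TIME_FMT).replace(tzinfo=timezone.utc)
        if abs(now - created_at) > self.max_skew:
            return None, "stale Created timestamp"       # limits the replay window
        if nonce in self.seen_nonces:
            return None, "nonce replayed"                # same token seen before
        password = self.passwords.get(user)
        if password is None or password_digest(nonce, created, password) != pw.text:
            return None, "bad digest"
        self.seen_nonces.add(nonce)
        return user, "ok"


# Constructed clock and credential store for a stand-alone run.
NOW = datetime(2005, 1, 1, 12, 0, tzinfo=timezone.utc)
LATER = NOW + timedelta(seconds=30)
HOUR_AGO = NOW - timedelta(hours=1)
CONSUMER = UsernameTokenConsumer({"jdoe": "s3cret"})

if __name__ == "__main__":
    env = build_envelope("jdoe", "s3cret", "<GetOrder id='42'/>", NOW)
    print(CONSUMER.authenticate(env, LATER))
    print(CONSUMER.authenticate(env, LATER))   # same message again: replay
```

Two properties of this token are worth keeping in mind when it is the only authentication on a Web service: the consumer needs the plaintext password (or a value equivalent to it) to recompute the digest, so the password store on the provider side is as sensitive as the passwords themselves, and the digest authenticates the token but not the SOAP body, which is what the XML Signature and WS-Security signature items on the slide add. The nonce cache only needs to remember nonces for as long as the freshness window, since older messages are rejected on the timestamp.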

Page 25: Identity and Access Management Solution Overview.

TransactionMinder Deployments Based on the Netegrity Reference Architecture

Simple Direct Deployment

Simple Proxy Deployment

IAM / WSM Deployment with Security Appliance

Page 26: Identity and Access Management Solution Overview.

Simple Direct Deployment

SOAP requests (carried over HTTP, SMTP, FTP or JMS/MQ) pass the outer network firewall and reach the Web service container (IIS, iPlanet, Apache) directly; the TxMinder XML Agent in that container calls the Netegrity Policy Server, which sits with the user stores (LDAP, RDBMS, etc.) behind the inner network firewall. The legacy, .NET and J2EE back ends are reached only after the agent has authorized the call.

Page 27: Identity and Access Management Solution Overview.

Simple Proxy Deployment

SOAP requests (carried over HTTP, SMTP, FTP or JMS/MQ) pass the outer network firewall and terminate at a reverse proxy server that hosts the TxMinder XML Agent. The agent consults the Netegrity Policy Server and the user stores (LDAP, RDBMS, etc.) behind the inner network firewall and then forwards the SOAP call to the legacy, .NET or J2EE service, each of which may keep its own proprietary, .NET or container security.

Page 28: Identity and Access Management Solution Overview.

IAM/WSM Deployment with Security Appliance

SOAP and SAML traffic (carried over HTTP, SMTP, FTP or JMS/MQ) passes the outer network firewall into a security appliance (2) acting as proxy, which carries a TxMinder agent (TxMAgt) and a WSM agent (WSMAgt). Behind the inner firewall the TxMinder XML Agent and the Netegrity Policy Server, together with the user stores (LDAP, RDBMS, etc.), authorize the call before it reaches the legacy, .NET or J2EE services, which may keep their own proprietary security. A Web Services Management platform (1) distributes WSM policies to its agents.

Notes: dotted lines in the diagram show integration between TransactionMinder and Netegrity partners. (1) Web Services Management. (2) XML firewall providing “wire speed” XML processing (parsing, transformation, crypto math, etc.).

Page 29: Identity and Access Management Solution Overview.

Integration with Complementary Third-Party Offerings

Purpose
– Create a TransactionMinder ecosystem that provides more complete customer solutions

Integration approach
– Based on Netegrity’s Reference Architecture
– Use of TransactionMinder’s Agent API

Integration of XML gateways with TxMinder
– Vendors involved: Forum, Reactivity, Sarvega, Layer7
– Customer benefits: intrusion detection and accelerated, first-level, entry point authentication (XML gateway); integration with enterprise infrastructure, centralized security policies, multiple-factor user stores, Web services federation and sessioning (TransactionMinder)

Integration of Web Services Management (WSM) platforms with TxMinder
– Vendors involved: Digital Evolution, Actional, AmberPoint, Blue Titan
– Customer benefits: SLA and business policy management (WSM platform); integration with enterprise infrastructure, centralized security policies, multiple-factor user stores, Web services federation and sessioning (TransactionMinder)

Page 30: Identity and Access Management Solution Overview.

IdentityMinder Features Overview

IdentityMinder Web Edition (IMWE) is a J2EE application that provides a customizable interface for delegating user administration and granting users entitlements. IMWE leverages the power of SiteMinder, including support for role-based access control. Deployed at VISA DPS, Risk Mgmt.

Structured administration
– Leverage administrator roles, groups, organizations, and attributes to maximize administrative productivity and control
– Enable role-based access control (RBAC)

Integrated workflow
– Improve security and reduce costs through on-line workflows
– On-line requests, approvals, and notifications

Delegated user administration
– Improve efficiency by distributing administration to partners and internal administrators

Auditing and reporting
– Improve security through comprehensive auditing and management reporting

User self-service
– Reduce costs by allowing end-users to manage their own profiles, passwords, and entitlements

Page 31: Identity and Access Management Solution Overview.

Key Functionality

Self-Service

Integrated Workflow Approvals

Delegation

Role-based Entitlement Support

Auditing and Reporting

Customizable Interface

Extensibility

Scalable Architecture

Integrated Provisioning

Page 32: Identity and Access Management Solution Overview.

Self Service

1. The user self-registers and requests access to applications and group memberships
2. Workflow approval is conditionally triggered for group assignments
3. The user object is created
4. The user can now change profile and password attributes and memberships

Walk-through on the NeteAuto web site: the registration form (Name: Jsmith, Pwd: xyz, Email: [email protected], Code: x23z, Sign Me Up: Free Stuff, Credit Line) creates a user object in the user store (cn=JSMITH, userPassword=##, mail=OS.COM, org=DEALER); membership in the Free Stuff and Credit Line groups requires approval; afterwards the welcome page offers Edit My Profile, Reset My Password and Change Memberships.

Reduces administrative cost and improves user experience

Page 33: Identity and Access Management Solution Overview.

Self-Registration

Support for multiple self-registration schemes
– Multiple user communities (partners vs. contractors)
– Multiple languages

Options for customizing self-registration
– Use the default form
– Redesign the form using the form designer: prompts, fields, hints, layout, branding, formatting
– For additional customization, generate WSDL for a fully customized web service interface

Page 34: Identity and Access Management Solution Overview.

Self Management

Benefits
– Reduce administrative costs
– Speed delivery of service to users
– Improved user experience

Forgotten password support
– Multiple challenge/response questions
– Integration with SiteMinder password policy

Self management options
– Modify specific attributes
– View group and role memberships
– Request additional entitlements
– Subscribe to self-subscribing groups
– Change password

Page 35: Identity and Access Management Solution Overview.

Key Functionality (agenda slide repeated; next section: Integrated Workflow Approvals)

Page 36: Identity and Access Management Solution Overview.

Integrated Workflow

Configurable workflow engine supports:
– Multi-step, non-linear approvals
– Design workflow process variants, e.g. Create Contractor vs. Create Partner
– Customizable rules defining approvers: member of role or group, meets filter condition, custom
– Auto-approve if no approvers are assigned
– Customizable rules to identify who is notified
– Customizable e-mail templates: approved, pending, completed, rejected
– Workflow API enables integration with other user management processes

Example flow from the slide: a supplier (I. Supply, status bronze) registers for Gold status; if the credit rating is A or B the request lands on the COO’s worklist (“Approve gold status for I. Supply”); when the COO approves, the status changes to gold and a notification goes to I. Supply with the Supplier Manager in copy.
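Added example, not from the slides and not IdentityMinder's workflow engine: a small approval engine that exercises the features listed above (multi-step approvals, approver rules by role, group, filter or custom callable, auto-approve when a step resolves no approvers, and notification lists), running the Gold status flow from this slide and the Create Contractor Approve variant from the next one. The user directory, the process definitions and the rule tuples are assumptions for illustration.

```python
from dataclasses import dataclass, field

# Constructed directory for the example: user -> attributes.
USERS = {
    "coo":      {"roles": {"COO"}, "groups": set(), "email": "coo@neteauto.example"},
    "smgr":     {"roles": set(), "groups": {"SupplierMgr"}, "email": "smgr@neteauto.example"},
    "hr1":      {"roles": set(), "groups": {"HR"}, "email": "hr1@neteauto.example"},
    "i.supply": {"roles": set(), "groups": set(), "email": "i.supply@supplier.example"},
}


@dataclass
class Step:
    """One approval step. approvers holds rules of the kinds the slide lists:
    ("role", name), ("group", name), ("filter", fn(user, attrs, request)) or
    ("custom", fn(request) -> users). gate, when given, is a condition on the
    request that must hold, otherwise the step rejects without asking anyone."""
    name: str
    approvers: list
    gate: object = None


@dataclass
class Process:
    name: str
    steps: list
    notify: list = field(default_factory=list)   # ("group", name) entries copied on the mail


def resolve_approvers(rule, request):
    kind, arg = rule
    if kind == "role":
        return {u for u, a in USERS.items() if arg in a["roles"]}
    if kind == "group":
        return {u for u, a in USERS.items() if arg in a["groups"]}
    if kind == "filter":
        return {u for u, a in USERS.items() if arg(u, a, request)}
    if kind == "custom":
        return set(arg(request))
    raise ValueError(f"unknown approver rule {kind!r}")


def run(process, request, decisions):
    """Drive the process with the decisions recorded so far
    ({step name: {approver: True/False}}). Returns (state, log): state is
    'approved', 'rejected' or 'pending'; log records what each step did."""
    log = []
    for step in process.steps:
        if step.gate is not None and not step.gate(request):
            log.append((step.name, "rejected by rule"))
            return "rejected", log
        approvers = set().union(*(resolve_approvers(r, request) for r in step.approvers))
        if not approvers:
            log.append((step.name, "auto-approved"))     # nobody to ask: auto-approve, per the slide
            continue
        votes = decisions.get(step.name, {})
        if any(votes.get(a) is False for a in approvers):
            log.append((step.name, "rejected"))
            return "rejected", log
        if not any(votes.get(a) is True for a in approvers):
            log.append((step.name, "pending"))           # waits on the approver's worklist
            return "pending", log
        log.append((step.name, "approved"))
    return "approved", log


def notification_list(process, request):
    """TO the requester, CC every member of the groups named in process.notify."""
    to = [USERS[request["requester"]]["email"]]
    cc = sorted(USERS[u]["email"]
                for kind, name in process.notify if kind == "group"
                for u, a in USERS.items() if name in a["groups"])
    return to, cc


# The two processes drawn on the slides, as assumed definitions.
GOLD_STATUS = Process(
    "Gold status",
    [Step("COO approval", [("role", "COO")], gate=lambda r: r["credit"] in ("A", "B"))],
    notify=[("group", "SupplierMgr")],
)
CREATE_CONTRACTOR = Process(
    "Create Contractor Approve",
    [Step("HR review", [("group", "HR")]),
     Step("Supervisor sign-off", [("filter", lambda u, a, r: u == r["supervisor"])])],
)

if __name__ == "__main__":
    req = {"requester": "i.supply", "credit": "B", "current": "bronze", "wanted": "gold"}
    print(run(GOLD_STATUS, req, {}))
    print(run(GOLD_STATUS, req, {"COO approval": {"coo": True}}), notification_list(GOLD_STATUS, req))
```

The auto-approve rule is the one to watch in a real deployment: a step whose approver group is empty (a group renamed, a role owner who left) silently approves, so an engine used for entitlement grants should log that branch loudly, as this one does in its return value.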

Page 37: Identity and Access Management Solution Overview.

Workflow Customization

1. Copy the Create User Approve process to generate a Create Contractor Approve process
2. Specify the HR group as approver
3. Specify the Contractor Supervisor as approver

Page 38: Identity and Access Management Solution Overview.

Key Functionality (agenda slide repeated; next section: Delegation)

Page 39: Identity and Access Management Solution Overview.

Delegation

Delegation is based on IdentityMinder roles and tasks
– IM admin roles allow management of users, groups, orgs, and roles
– Roles contain granular tasks (e.g. Modify User)
– Create new roles by re-combining tasks
– Create new tasks to meet business needs (e.g. Create Contractor)

Page 40: Identity and Access Management Solution Overview.

Delegation: Creating Admin Roles

During role creation, specify ALL the rules about the role
– What are the tasks associated with this role? (e.g. HelpDeskAdmin has Enable/Disable User, Reset User Password, Modify User)
– Who are the role members? They can initiate the tasks of the role; while performing this role, which users, groups and orgs are in scope?
– Who are the role administrators? They can delegate the role to others; while delegating this role, which users are in scope?
– Who are the role owners? They can modify the role using this interface

Each role may have multiple member policies, e.g. people in the HelpAdmin group, or Title=ITManager

All role metadata is stored in the Policy Store

Page 41: Identity and Access Management Solution Overview.

Delegation: Membership Rule Examples

Member requirement | Rule type | Example
Must match one attribute value | User | Users where title starts with senior
Must match multiple attribute values | User | Users where title=mgr and locality<>east
Must be a member of another role | User | Users in admin role helpdeskadmin
Must belong to named org(s) | Org | Users in org sales and lower
Must belong to org(s) which meet a condition specified by attribute(s) on the org | Org | Users in orgs where Business Type=gold or Business Type=platinum
Must belong to specific org(s) and match specific user attributes | Org + User | Users where title=mgr and locality=east and who are in org sales or org marketing
Must belong to specific group(s) | Group | Users who are members of group ORGADMIN
Must belong to group(s) which meet a condition specified by attribute(s) on the group | Group | Users who are members of groups where owner=CIO
Must meet some condition which is beyond the scope of the rule syntax | Query | Users returned by the query ldap_query

Page 42: Identity and Access Management Solution Overview.

Delegation: Managing User Store Objects

Delegate responsibility for managing segments of the user store to the best qualified individuals
– Non-intrusive support for the corporate user store
– User stores supported:
  o Relational database: single/multiple table based objects, objects retrieved by stored procedures, database generated unique identifier, delimited or row-based multiple values, native database datatypes
  o LDAP v3: hierarchical or flat structure, auxiliary classes, groups

Page 43: Identity and Access Management Solution Overview.

Delegation: Managing Groups

Delegated group management provides for separation of duties:
– Group Manager: create/modify/delete group, assign group admin(s)
– Group Admin: manage group membership; can manage groups regardless of organizational context

Group management can be hidden behind role assignment
– Membership rule is a group

Support for
– Self-subscribing groups
– Nested groups
– Dynamic groups, for example all technicians (employeetype) with cell phones (mobile). The slide writes the LDAP URL as

ldap:///ou=NeteAuto,o=security.com??sub?(employeetype= technician) (!mobile=NULL)

which is not valid RFC 4515 filter syntax (two filters cannot sit side by side, and presence is expressed as attr=*, not a comparison with NULL); the equivalent well-formed filter is (&(employeetype=technician)(mobile=*)), i.e. employeetype equal to technician and the mobile attribute present.
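Added example, not from the slides and not IdentityMinder code: a small RFC 4515 filter evaluator that shows how the dynamic group on this slide and the membership rules on the "Membership Rule Examples" slide (attribute match, multiple attributes with a negation, org scoping by DN suffix) reduce to directory filters over a subtree. The directory entries are constructed, and the grammar covers only what those slides need: and, or, not, equality, presence, leading or trailing substring, and the >= / <= comparisons.

```python
def parse_filter(text: str):
    """Parse an RFC 4515 filter into a nested tuple AST:
    ('&'|'|', [children]), ('!', [child]) or (op, attr, value) with op in =, >=, <=."""
    pos = 0

    def item(end):
        raw = text[pos:end]
        for op in (">=", "<=", "="):
            if op in raw:
                attr, value = raw.split(op, 1)
                return (op, attr.strip().lower(), value.strip())
        raise ValueError(f"bad filter item {raw!r}")

    def parse():
        nonlocal pos
        if text[pos] != "(":
            raise ValueError(f"expected '(' at offset {pos}")
        pos += 1
        if text[pos] in "&|":
            op = text[pos]
            pos += 1
            kids = []
            while text[pos] == "(":
                kids.append(parse())
            pos += 1                      # closing ')' of the and/or
            return (op, kids)
        if text[pos] == "!":
            pos += 1
            kid = parse()
            pos += 1                      # closing ')' of the not
            return ("!", [kid])
        end = text.index(")", pos)
        node = item(end)
        pos = end + 1
        return node

    ast = parse()
    if pos != len(text):
        raise ValueError("trailing characters after filter")   # e.g. the slide's "(...) (...)"
    return ast


def matches(ast, entry: dict) -> bool:
    """Evaluate an AST against an entry: {lowercase attribute: [values]}. Matching is case-insensitive."""
    op = ast[0]
    if op == "&":
        return all(matches(k, entry) for k in ast[1])
    if op == "|":
        return any(matches(k, entry) for k in ast[1])
    if op == "!":
        return not matches(ast[1][0], entry)
    _, attr, value = ast
    values = [v.lower() for v in entry.get(attr, [])]
    v = value.lower()
    if op == "=":
        if v == "*":                                            # presence filter
            return bool(values)
        if v.endswith("*") and not v.startswith("*"):
            return any(x.startswith(v[:-1]) for x in values)    # "starts with"
        if v.startswith("*") and not v.endswith("*"):
            return any(x.endswith(v[1:]) for x in values)       # "ends with"
        return v in values
    if op == ">=":
        return any(x >= v for x in values)
    return any(x <= v for x in values)                          # "<="


def search(entries: dict, base_dn: str, filter_text: str) -> list:
    """Subtree search: DNs under base_dn whose entry matches the filter, sorted."""
    ast = parse_filter(filter_text)
    suffix = base_dn.lower()
    return sorted(dn for dn, attrs in entries.items()
                  if dn.lower().endswith(suffix) and matches(ast, attrs))


# Constructed directory for the NeteAuto example on the slide.
ENTRIES = {
    "cn=jsmith,ou=sales,ou=NeteAuto,o=security.com":
        {"cn": ["jsmith"], "title": ["Senior Mgr"], "l": ["west"], "employeetype": ["technician"], "mobile": ["+1 555 0100"]},
    "cn=akim,ou=sales,ou=NeteAuto,o=security.com":
        {"cn": ["akim"], "title": ["mgr"], "l": ["east"], "employeetype": ["technician"]},
    "cn=bwong,ou=marketing,ou=NeteAuto,o=security.com":
        {"cn": ["bwong"], "title": ["mgr"], "l": ["west"], "employeetype": ["clerk"], "mobile": ["+1 555 0101"]},
    "cn=ext1,ou=partners,o=security.com":
        {"cn": ["ext1"], "title": ["senior engineer"], "employeetype": ["technician"], "mobile": ["+1 555 0102"]},
}
BASE = "ou=NeteAuto,o=security.com"

if __name__ == "__main__":
    print(search(ENTRIES, BASE, "(&(employeetype=technician)(mobile=*))"))   # the dynamic group
    print(search(ENTRIES, BASE, "(&(title=mgr)(!(l=east)))"))               # title=mgr and locality<>east
```

Scoping "org sales and lower" is done here by the DN suffix of the search base rather than inside the filter, which mirrors how a subtree search works: the base restricts which entries are considered at all, the filter then selects among them.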

Page 44: Identity and Access Management Solution Overview.

Key Functionality (agenda slide repeated; next section: Role-based Entitlement Support)

Page 45: Identity and Access Management Solution Overview.

RBAC Support in SiteMinder®

Step 1: Use the SiteMinder UI to link access roles to security policies

Page 46: Identity and Access Management Solution Overview.

RBAC Support in SiteMinder® (continued)

Step 2: Define a response built from a user-defined variable and the SiteMinder-generated attributes SM_User_Application_Roles and SM_User_Application_Tasks, optionally qualified by application name. The response returns the user’s roles and tasks for authorization, and the role and task names are passed to the application.

Page 47: Identity and Access Management Solution Overview.

Why RBAC?

SiteMinder® role-based policies secure applications
– Efficiency, scalability, flexibility
– Reduces administrative cost
– Coexist with user-based policies

Diagram: delegated user admins assign employees, contractors and partners to roles such as Sales Support; security policy admins bind those roles to the web app, ERP app, off-the-shelf app and custom app.

Page 48: Identity and Access Management Solution Overview.

Key Functionality (agenda slide repeated; next section: Auditing and Reporting)

Page 49: Identity and Access Management Solution Overview.

Auditing & Reporting

Configurable auditing logged to a relational DB
– Which objects? User store objects (user, org, group) and IdentityMinder® objects (roles, tasks)
– Which state transitions? Approve, reject, executing, pending, completed, cancel, done
– What data? Old values, new values, or both

Reports can be derived from audit data
– Report types: auditing (for example, “what changes were made to UserB”) and administrative (for example, “what roles can AdminA grant?”)
– Control access through the delegation model: specify which users can access which reports

Page 50: Identity and Access Management Solution Overview.

Key Functionality (agenda slide repeated; next section: Customizable Interface)

Page 51: Identity and Access Management Solution Overview.

Customization Options

– Rebrand and change the look and feel of the IM UI
– Provide interfaces for users in different geographies: fully internationalized and localized to support multi-national companies
– Reduce clicks for administrators with few responsibilities; assure that each IM administrator’s ‘first screen’ is optimized
– Redesign the forms used by delegated admins: significant opportunities for customizing the interface using the IM interface
– Use the web services interface (WSDL): generate the WSDL files, then perform additional customization if necessary; enables embedding in the company portal

Page 52: Identity and Access Management Solution Overview.

Customizing Look & Feel

A skin has components that may be edited to change the look and feel
– Headers and footers
– Images
– Colors and fonts

IM supports multiple skins, each consisting of
– A cascading style sheet
– Images (.jpeg, .gif, .png)
– A .properties file that defines the components of the skin

Addresses accessibility requirements specified in Section 508 of the Rehabilitation Act

Page 53: Identity and Access Management Solution Overview.

Tailoring the First Screen

The first screen may vary by user
1. Few tasks: listed in the left nav
2. Many tasks: categories in the left nav
3. A workflow approver sees the worklist first

Page 54: Identity and Access Management Solution Overview.

Creating Custom Tasks for Admins

Tasks are the building blocks of custom views and support fine-grained delegation

Use the IM task designer to create new tasks
– Copy and modify existing tasks
– Copy all or parts of tasks

Example from the slide: the User Mgmt tasks (Create User, Modify User, View User) show an Employee Info form (Name, Employee ID, Department, Supervisor), while the derived Contractor Mgmt tasks (Modify Contractor, View Contractor) show a Contractor Profile form (Name, Dealer ID, Classification); both map onto the same user object attributes (cn, employeeNumber, departmentNumber, manager, employeeType).

Page 55: Identity and Access Management Solution Overview.

Design Custom Forms with IM

– Rebrand, add links, text, etc.
– Add/remove/rename tabs
– Remove the org search
– Re-label prompts
– Add field hints

Page 56: Identity and Access Management Solution Overview.

Key Functionality (agenda slide repeated; next section: Extensibility)

Page 57: Identity and Access Management Solution Overview.

Web Service Support

Business case: IM is web service enabled
– Enables additional customization beyond what is supported through the IM interface
– Supports embedding into the corporate portal
– Supports the industry standard, WSDL

Steps:
1. Identify which tasks will be enabled as web services
2. Customize those tasks as much as possible using the IM interface
3. Export the WSDL
4. Modify the WSDL to complete the customization
5. Use tools such as Apache Axis to generate web clients

Page 58: Identity and Access Management Solution Overview.

IdentityMinder APIs

– Logical Attribute API: enables you to display an attribute differently from how it is stored physically in a user directory.
– Business Logic Task Handler API: allows you to perform custom business logic during data validation or transformation operations.
– Workflow API: provides information to a custom script in a workflow process; the script evaluates the information and determines the path of the workflow process accordingly.
– Participant Resolver API: enables you to specify the list of participants who are authorized to approve a workflow activity.
– Event Listener API: enables you to create a custom event listener that listens for a specific IdentityMinder event or group of events; when the event occurs, the listener can perform custom business logic.
– Notification Rule API: lets you determine the users who should receive an email notification.
– Email Template API: includes event-specific information in an email notification.

Page 59: Identity and Access Management Solution Overview.

Key Functionality (agenda slide repeated; next section: Secure & Scalable)

Page 60: Identity and Access Management Solution Overview.

Secure Architecture

Page 61: Identity and Access Management Solution Overview.

Scalability for Fault Tolerant Deployment

Tiers: browser -> web tier (web servers WS-1, WS-2, WS-3 behind a load balancer) -> application tier (J2EE cluster) -> data tier (user store and SiteMinder Policy Server).

Page 62: Identity and Access Management Solution Overview.

Supported Platforms: Leverages Enterprise Architecture

User store
– LDAP directories: Sun ONE, MS AD/ADAM, Novell eDirectory, Oracle OID, IBM SecureWay, Siemens DirX, InJoin Critical Path
– Relational databases: Oracle, MS SQL Server

Application servers
– IBM WebSphere
– BEA WebLogic
– JBoss

OS support: Windows, Solaris

Page 63: Identity and Access Management Solution Overview.

Integrated Identity and Access Management

