| |
|
|
Jericho Systems Corporation
News & Events
Monday, February
14, 2005
Jericho, Radiant Logic Team to Deliver Attribute-Based
Access Control and Context-Based Identity Services
Security and Personalization Combined With An
On-Demand Identity and Attribute Service Unlock The Value
of Existing Information Assets For Fine-Grained Policy and
Federated Identity
RSA Conference -San Francisco, CA-February
14, 2005- Jericho Systems, the leading provider of next
generation, fine-grained decisioning solutions for security,
personalization, and business process automation and Radiant
Logic, Inc., the leading provider of virtual directory and
context-based identity infrastructure solutions, today announced
an alliance that provides seamless technology integration
between the Jericho Systems' security, personalization, and
business process automation products and the RadiantOne Virtual
Directory Server. The joint integration enables organizations
to leverage their existing assets to put real-time decision
making into the hands of business users.
The Jericho Systems' EnterSpace Security Suite
(ESS) is designed to act as an authorization service within
a SOA. For example, in a CRM infrastructure, the technologies
work in tandem, with Jericho acting as an authorization server
and Radiant Logic as an attribute server. The ESS authorization
server protects resources and provides personalization while
the RadiantOne server provides the right attributes in the
right context through virtualization. ESS employs Attribute
Based Access Control (ABAC) which augments and extends Role
Based Access Control (RBAC).
"To date, even with the implementation
of innovative authentication techniques, many application
developers and enterprise architects have found enabling systems
to control access through 'fine-grained' authorization to
be an application-specific, time-consuming and costly task,"
said Michel Prompt, CEO of Radiant Logic, Inc. "The limitations
and cost of creating and relying on traditional RBAC techniques
can be a barrier. Any viable alternative for improving enterprise
security opportunities must overcome the 'stovepipes' among
applications, must focus on authorization and must be delivered
as application-neutral services available within a Service
Oriented Architecture (SOA). By combining a robust, fine-grained
policy engine with a flexible identity and attribute service,
our customers can define and enforce policy that reflects
the way they really do business."
The RadiantOne virtualization layer provides
an identity service that can access existing data sources
to reveal a complete picture of identity that is buried in
existing applications. Existing identity integration solutions
ignore the relationship between objects because of a lack
of "metadata" management. By ignoring relationships
between objects, these integration technologies lose information
about the context in which an operation occurred. The capability
to capture a global picture of the different application contexts-especially
their security contexts-is a key advantage when delivering
fine-grained authorization.
"Organizations need to leverage
their existing identity related information and the relevant
context surrounding the identity," said Brynn Mow, CEO
of Jericho Systems. "Attribute-based policy requires
a thorough understanding of the relationships among objects
and the ability to quickly access attributes in real-time.
Our integration with the RadiantOne virtual directory allows
our customers to leverage what they already have in their
distributed identity stores."
Most organizations architecting a federated
identity strategy focus first on simplifying the authentication
process by establishing secure trusted relationships and delegation.
However, in a federated environment, authorization and access
to resources are typically distributed and decentralized.
This, in turn, implies that a federation participant should
be able to authorize a user quickly based on a relatively
limited number of attributes passed by the authenticator service.
The authorization system must provide a service that quickly
correlates a user token with the right services, which means
quickly searching across many contexts to trigger a fine-grained
authorization.
Visit Jericho Systems at
www.jerichosystems.com.
Visit Radiant Logic at www.radiantlogic.com.
About Jericho Systems
Jericho Systems Corporation has next generation,
rules-based decisioning tools for security, personalization
and business process automation solutions. In the security
arena, Jericho Systems offers the EnterSpace Security Suite
(ESS) as an open standards based, authorization "service"
existing within an Service Oriented Architecture. The ESS
affords Fortune 1000 corporations and government entities
the opportunity to secure resources with incredible flexibility
and next-generation granularity using attributes. This next-generation
granularity will become a business necessity as Web Services
and Grid Computing implementations mature. Moreover, the ESS
removes many hidden provisioning and administration costs
inherent in the Role Based Access Control model by introducing
Attribute Based Access Control (ABAC). Jericho Systems is
based in Dallas, TX. The company provides "Tools that
Rule™".
Contact: Brynn Mow
For Jericho Systems
972-231-2000
brynn.mow@jerichosystems.comAbout Radiant Logic,
Inc.
Radiant Logic, Inc. is the leading provider
of virtual directory solutions for Identity Management and
Secure Enterprise Information Integration. Fortune 1000 corporations
rely on the RadiantOne Virtual Directory Server as part of
their identity integration infrastructure. RadiantOne provides
a common virtualization layer for identity and business contexts
using open standards such as LDAP, DSML, SPML, and SAML. The
solution provides a common model and global access to enterprise
applications such as HR, ERP and CRM as well as RDBMS and
LDAP directories. RadiantOne is deployed in Identity and Access
Management projects to simplify authentication, and authorization
in a distributed environment. RadiantOne is used in user management
and accounts/role provisioning for simplifying account aggregation,
reconciliation and synchronization.
Enterprises such as Daimler Chrysler, Disney,
Cummings Engine, Emerson, Freddie Mac, Lexmark, Symantec,
Telecom Italia, DISA, Sandia National Laboratories, and Time
Warner Telecom use the RadiantOne solution to speed deployment,
solve directory integration challenges and cut costs for identity
management projects. Partnerships with identity management
software vendors such as Netegrity (now CA) and professional
services organizations Accenture, Booz Allen Hamilton, and
Accenture demonstrate the broad impact of virtual directory
technology on the market.
Radiant Logic is based in Novato, CA. RadiantOne
&trade is a trademark of Radiant Logic, Inc. For more information,
visit www.radiantlogic.com.
|
|
|
