EnterSpace for Security

Contextual Entitlement and Privilege Management: Put Identity Management to Work

The EsDS for Security provides next-generation, contextual security decisioning, including:

  • Authentication Support
  • Coarse-to-Fine-Grained Authorization and Run-Time Entitlements/Privileges
  • Federated Attribute Retrieval and the Creation of Attribute Authorities

The EsDS for Security leverages existing Identity Management Services (IDMs) to deliver an attribute-based security service that operates as a service within an open standards-based Service Oriented Architecture (SOA). The EsDS operates in both connected and disconnected/tactical environments.

Supported IDMs include:

  • Third Party IDMs that Support SAML 1.1 and 2.0
  • Numerous Third Party Single-Sign-On Products
  • Public Key Infrastructure (PKI), including DoD PKI, and the support of CRLs, OCSP, and SCVP
  • FIPS 201 Compliant Credentials
  • Kerberos

Utilize the EsDS to secure:

  • Web Services
  • Web Applications
  • LDAP-enabled Directories
  • Legacy Applications
  • Documents and Files
  • Physical Access Control

The EsDS for Security addresses fundamental needs of the next-generation security architecture for the enterprise:

  • Tear down the walls and silos hindering secure, interoperable information sharing created by security implemented on an application-by-application basis. The EsDS externalizes security decisioning to a callable, distributed service.
  • Replace proprietary security interfaces and agents with open standards-based interfaces, including SAML and XACML.
  • Take advantage of the movement towards Web Services and SOAs while still remaining secure, especially as SOAs create the need for finer-grained authorization.
  • Attribute Based Access Control (ABAC) - Secure resources when the consumers of the resources come from communities of interest (COIs) that must form, morph, and disband on-the-fly.
  • Leverage an enterprise security service that cleanly integrates with your existing identity management platform.
  • Distribute attribute-based security decisioning securely across the enterprise.
  • Public-Key-Enable applications, including the utilization of OCSP and SCVP, with minimal-to-no code changes to the applications.
  • Quickly enable FIPS 201-compliant credentials for use with applications.

The EsDS for Security provides a Contextual Entitlement and Privilege Management service designed to augment and extend Role Based Access Control (RBAC) and User Based Access Control (UBAC) with ABAC, Policy Based Access Control (PBAC), and Risk Adaptive Access Control (RADAC).