Computer Associates International, Inc has introduced eTrust Security Management Architecture, a unique standards-based approach to integrating authentication, authorisation and auditing mechanisms across multi-platform environments and the multi-tier applications they support.
As part of CA`s vision for complete, integrated and open identity and access management, this new architecture provides essential security, transparency and reliability for business transactions as they move across today`s complex, heterogeneous IT environments.
CA also released r8 of eTrust CA-ACF2 Security for z/OS (eTrust CA-ACF2), and r8 of eTrust CA-Top Secret Security for z/OS (eTrust CA-Top Secret), the first two eTrust Identity and Access Management solutions that will take advantage of the new architecture. CA will build this support into all of its eTrust Identity and Access Management solutions over time.
In today`s highly sophisticated IT environments, the execution of a typical business transaction involves multiple layers of applications and multiple underlying technologies including Web services, middleware and other systems - ultimately leveraging back-end data that often resides on the mainframe. Each of these technologies may utilise different security mechanisms for authentication, authorisation and auditing. These multiple mechanisms create a variety of security management problems for IT, including the vulnerabilities and auditing inadequacies that result when one application uses a default or generic user ID to gain access to another application. The multiple security mechanisms used by each platform also create integration challenges and potential regulatory compliance issues.
eTrust Security Management Architecture addresses these problems by providing a common security "backbone" across all underlying technologies. It leverages open standards such as WS-Security, SAML, SPML, ISO-10181 (AZNAPI), Kerberos, X.509 and SAF to enable true interoperability between diverse platforms and security mechanisms.
In addition, because eTrust Security Management Architecture tracks user identities in a consistent manner even as transactions transverse the end-to-end processing environment, it provides a truly complete audit trail and uniquely enables enforcement of intelligent, platform-independent security policies.
eTrust Security Management Architecture provides:
* Intelligent decision processing - Enables security policies based on point of entry, authentication type or other variables that may change the attributes of a specific transaction. This supplements existing security policies for better decision processing.
* True accountability and trust - Ensures a user`s identity is not lost in a transaction by delivering identity mapping across boundaries, providing a complete audit of a transaction as it moves throughout the organisation.
* Bridging identity and access management - Unites disparate authentication, authorization and auditing information across multi-platform systems and applications.
"Loss of end-to-end accountability for business transactions implemented in a multi-tier and multi-platform application architecture is a serious problem for enterprises coping with stringent audit and regulatory compliance demands," said Phil Schacter, vice-president and service director of the Burton Group. "An architected and standards-based approach is needed to address this key audit and security issue for large enterprise customers."
eTrust CA-ACF2 and eTrust CA-Top Secret will integrate with the eTrust Security Management Architecture to provide enhanced authentication and authorisation checking of transactions that leverage the mainframe. Key features of the new r8 releases announced today include:
* Multilevel Security (MLS), an optional layer of protection on top of discretionary access control (DAC).
* LDS (LDAP Directory Service) enhancements that provide additional support including recovery processing and the ability to send installation data. Additional time/date conversion routines are also included to provide a complete list of date patterns that can exist on a remote directory.
"CA is committed to providing security solutions that simplify security management across all platforms - mainframe and distributed," said Toby Weiss, senior vice-president of eTrust security management at CA. "With CA`s eTrust Security Management Architecture, the fragmented panoply of application- and platform-specific security mechanisms across the enterprise can be seamlessly coordinated - easily and effectively securing complete business transactions as they move across process boundaries."
CA is demonstrating eTrust Security Management Architecture and the new releases of eTrust CA-ACF2 and eTrust CA-Top Secret at the SHARE Technology Exchange this week in Anaheim, California.
A white paper on eTrust Security Management Architecture is available here.
Share
Computer Associates International, Inc (NYSE:CA), one of the world`s largest management software companies, delivers software and services across operations, security, storage, lifecycle and service management to optimise the performance, reliability and efficiency of enterprise IT environments. Founded in 1976, CA is headquartered in Islandia, New York and serves customers in more than 140 countries. For more information, please visit http://ca.com.
Editorial contacts