|
SelectAccess enables companies
to provide customized access to online information for customers,
partners, and employees.
This secured access ensures that users can
execute transactions based on their role, their relationship with
the organization, and the organization's security policy.
SelectAccess can be coupled with leading authentication mechanisms,
from passwords to digital certificates, to verify that individuals
are who they claim to be. These e-security solutions allow
organizations to control who accesses their corporate networks, what
are their privileges, which resources or services they are accessing
and what information is transferred in or out.
As businesses worldwide,
such as service providers, enterprise portals, financial
institutions and government agencies, move information,
applications, and relationships online, there is a blurring of the
traditional boundaries between employees, partners, customers and
vendors. This convergence creates a virtual enterprise with a
critical need to closely manage access and transaction privileges
for individuals and groups. The fine-grained access and
authorization management provided by SelectAccess empowers
businesses to mirror real-world relationships online.
Key
Features and Functions
SelectAccess delivers on
its next generation promises with features and functionality that
are truly a quantum leap ahead of the competition. A recent eWeek
review placed SelectAccess ahead other access-control products
on the market, highlighting its easy-to-use, unique features.
Revolutionary
Management Interface
- SelectView
Policy Matrix presents a clear view of which users have
access to what resources, and to what resources a
specific user has access
- Java-based
graphical user interface is used to manage access and
authorization policies from a central administration
point
- Individuals,
groups and dynamic roles are linked to corporate assets
with visual icons representing associated access and
authorization policies - down to URL, object or
transaction level
- Intuitive
drag-and-drop Rule Builder enables sophisticated,
customized policies to be created with ease
|
Flexible Delegated
Administration
- SelectLevel
Delegated Administration allows for delegation of both
user and policy management, providing more control for
decentralized administrators
- Supports highly
efficient and customized sub-delegation to multiple
tiers, closely mirroring real-world business structures
- A Web-based user
interface provides efficient and secure access to
administrative responsibilities
|
Innovative Network
and Resource Discovery
- SelectSearch
Automated Discovery provides an innovative scanning
mechanism that enumerates protected resources (URLs,
dynamic pages, portal links, etc.)
- Saves time and
improves accuracy by automatically evaluating and
populating resources within the SelectView Policy Matrix
|
Integration with
Dynamic IT Environments
- Supports Web,
non-Web, and legacy applications
- XML-based
framework and customizable APIs offer complete
extensibility in meeting the security needs of
individual organizations
- Supports LDAP v3
directory servers as the repository for user, resource
and policy data; works with existing user data and
directory schema
- Integrates with
leading Web and J2EEcompliant application servers
- Works with all
popular authentication schemes to allow flexibility in
strength of user identification; tightly integrated with
PKI (certificate management, authentication and
validation, automated certificate request processing)
|
Personalized User
Experience
- Role-based
access allows policies to be configured and
automatically applied according to information stored in
the user’s profile. For example, business partners
have a "Gold" role if on-line transactions
total $50,000, and move to "Platinum",
offering further discounts and programs, if the total
exceeds $250,000
- Personalized Web
pages can be displayed to each user based on information
they supply, and the attributes and policies defined by
administrators
- Single sign-on
across Web-based applications eliminates the need for
users to be continuously authenticated
|
Performance based
Scalability
- Three-tier
run-time architecture with loadbalancing and fail-over
supports high performance and mission critical
applications
- Advanced caching
of policy data minimizes traffic and processing
requirements, allowing for scalability to millions of
users
|
Tamper-proof
Auditing System
- Reports all
access and authorization actions, as well as all policy
administrative changes to a secure audit server
- Audit server
digitally signs audit entries
- Audits any
combination of output, including Oracle database, UNIX
syslog, NT EventLog, and/or file
|
Internationalization
- Supports
double-byte characters, enabling companies and their
users to present information according to their native
language (e.g., Chinese, Japanese)
- Includes
localized message support for log-in, registration,
passwords, authentication and authorization
|
SelectView Policy Matrix
Unlike other access
management products on the market whose interfaces are list-based
and difficult to configure, SelectAccess displays all users and
resources on the axis of a grid, making it extremely easy to view
and apply the access rules allow, deny, and conditional. With simple
visual icons to configure policies - as opposed to inputting columns
of text - administrative errors are less likely, but can be easily
traced, and rectified with a simple mouse click. Its overall
ease-of-use means any authorized business manager can be the central
administrator, without the need for extensive training. Conditional
policy rules are created using graphical nodes, or decision points,
to build decision trees. Each decision point represents common
policy conditions including time of day, encryption level,
authentication type and user's IP address.
SelectSearch Automated
Discovery
In order to define and
enforce authorization, SelectAccess must know all users and
resources. Most companies use directory and meta-directory services
to gather user data, but historically haven't addressed the role of
directories on the resource side. SelectAccess uses the directory
server as the central repository for user, resource and policy data,
and provides some timesaving functionality to assist in creating
resource records. The SelectSearch function automatically scans any
given network, enumerating available services and resources and
displays them hierarchically in the SelectView Policy Matrix. Unlike
other products that require manual data input, where a simple typing
error can put the security of resources at risk, SelectAccess saves
administrators time and improves accuracy.
SelectLevel Delegated
Administration
Other products, including
SelectAccess, can delegate management of user records (e.g. name,
title, email address, etc.). SelectAccess, however, goes a step
further by enabling delegation of policy management as well (e.g.
who is granted access to what information and under what conditions
this is allowed). This more closely emulates real-world processes by
putting the administrative responsibilities into the hands of those
closest to the end users, allowing for the most logical policies for
different organizations. Further still, where other products
delegated administration function is limited to one level,
SelectAccess supports multi-level delegation, via a web-based
interface. Assigned administrators are only able to see the portion
of the users tree for which they are responsible.
XML, LDAP and Open API
Architecture
SelectAccess is the only
product of its kind that uses XML from the ground up. Queries are
expressed as XML objects, which can be tailored to the specific
needs of different organizations. This offers complete flexibility
for data transmission and integration into existing and future
applications, whether web or non-web based; and provides single
sign-on capability across Web based applications.
An open API framework
allows SelectAccess to be extended in almost every capacity. With
API's, the system can be plugged in to any service or application;
resource discovery capabilities can be extended; decision criteria
on which policy rules are based can be added, as can additional
authentication methods.
SelectAccess uses any LDAP
v3 compliant directory server as the repository for user, resource
and policy information. Strong LDAP integration allows existing
corporate user data to be shared with multiple applications
including current and future PKI implementations.
SelectAccess is a trademark of Baltimore Technologies
Ltd.
|
