Start-up Securent aims at 'entitlement management'

Start-up Securent makes its debut this week with enterprise middleware for policy-based user authorization and enforcement, an area of provisioning known as entitlement management.

Securent’s Entitlement Management software gives IT managers a way to centrally define the applications to which a user may be given authorization, and integrate these controls into an already-deployed identity-management environment. According to analysts, Securent’s software fills a need overlooked by much of industry, though CA, BEA and Oracle are also zeroing in on this identity-management segment.

Jonathan Penn, principal analyst for identity and security at Forrester Research, said Securent “is addressing a neglected part of identity management: authorization. And more specifically, fine-grained authorization -- not just the authorization based on the user and the URL address they’re going to that the Web single-logon vendors have, but very sophisticated policies for who could do what on which resource based on a range of data that could be both dynamically determined and application specific.

“It’s a big gap in centralized management and a difficult nut to crack,” Penn added, noting that Securent and CA with its IAM Toolkit product seem the most ambitious vendors in taking it on.

“If you look at the way most applications have been developed, there has not been a consistent process around the design approach so you can get fine-grained authorization or entitlements,” says Roberta Witty, research vice president for security and privacy at Gartner. “These authorizations tend to be all over the place.”

Sometimes corporations seek to improve the situation through custom coding practices. Securent’s Entitlement Management software brings fine-grained centralized control into place through three modules, the Policy Administration Point to provide centralized administration management; the Policy Decision Point to evaluate resource-specific authorization policies; and the Policy Enforcement Point to enforce the entitlement policies.

The software, which runs on Windows, Linux or Unix servers, can centralize the policy enforcement for databases, applications and network access so user entitlements can be administered through a SOA-compliant service.

Vendors that include BEA, Oracle and CA all market user-provisioning tools, but Securent is carving out a niche for itself with the first software entirely based on the eXtensible Access Control Markup Language (XACML) 2.0 standard, Witty says.

Securent’s co-founder and CEO, Rajiv Gupta, says he launched the Palo Alto, Calif.-based start-up with CTO Sekhar Sarukkai because corporations and government agencies face various pressures to find better authorization and policy-enforment methods.

“It’s an age-old problem with the new business drivers, such as security, compliance and governance,” Gupta says. “And companies are extending their reach through outsourcing and partnerships.”

A handful of corporations, including Credite Suisse and Qualcomm, are testing the Entitlement Management software, which costs about $200,000, according to Securent, which has an undisclosed amount of venture-capital funding from Greylock Partners and Onset Ventures.

Learn more about this topic

Network World resource link for the XACML standard

The OASIS Web site for the XACML standard

Insider Shootout: Best security tools for small business
Join the discussion
Be the first to comment on this article. Our Commenting Policies