Start-up Securent makes its debut this week with enterprise middleware for policy-based user authorization and enforcement, an area of provisioning known as entitlement management.
Securent’s Entitlement Management software gives IT managers a way to centrally define the applications to which a user may be given authorization, and integrate these controls into an already-deployed identity-management environment. According to analysts, Securent’s software fills a need overlooked by much of industry, though CA, BEA and Oracle are also zeroing in on this identity-management segment.
Jonathan Penn, principal analyst for identity and security at Forrester Research, said Securent “is addressing a neglected part of identity management: authorization. And more specifically, fine-grained authorization -- not just the authorization based on the user and the URL address they’re going to that the Web single-logon vendors have, but very sophisticated policies for who could do what on which resource based on a range of data that could be both dynamically determined and application specific.
“It’s a big gap in centralized management and a difficult nut to crack,” Penn added, noting that Securent and CA with its IAM Toolkit product seem the most ambitious vendors in taking it on.
Rss FeedRss Feed
The Leader in Network Knowledge
Comments (1)
Model driven security: authorization/entitlement management needs to be manageableBy objectsecurity on April 20, 2008, 10:17 amThis article outlines well why externalized authorization policies are the way forward. What it does not really clarify is that authorization management does not...
Reply | Read entire comment
View all comments