CA tool kit enables shared security controls to be integrated with existing apps

Opinion
Jun 22, 20053 mins

* CA's eTrust Identity and Access Management Toolkit

Last time out I spoke about smaller, more tightly focused, industry events (conferences, trade shows, user group meetings, etc.). All of that reminded me to mention something that occurred at the Gartner IT Summit in Washington, D.C. earlier this month. At that conference, Computer Associates announced its eTrust Identity and Access Management (IAM) Toolkit. While it’s aimed at commercial developers, in-house programmers might benefit more from this release.

The tool kit allows developers to integrate shared security controls to existing applications as well as add them in to new business applications. By using these common security controls across all enterprise applications, an organization can leverage standardization to ease the pain of implementing necessary IAM procedures.

The tool kit provides a software development kit (SDK) and additional technologies that enable developers to embed a common set of fine-grained, identity-based security controls within applications, according to CA. Unlike some “tool kits,” it can be implemented with a full range of third-party provisioning and identity management tools, as well as with CA’s own eTrust security solutions, to create a comprehensive enterprise security and identity management environment.

The eTrust IAM Toolkit facilitates writing fine-grained access policies defined in a structured language format. These access policies can include time-based criteria like standard working hours and/or dynamic criteria such as customer spending limits. Policies can execute specific actions immediately following an authorization check, allowing business and/or security management workflows to be driven based on authentication/authorization results.

The tool kit also implements performance optimization by allowing policies to be evaluated locally, minimizing external authorization calls, and allowing authorization checks measured at the rate of thousands per second.

To meet different auditing requirements, the eTrust IAM Toolkit gives the user total flexibility to define what events to capture. It thus enables them to apply a consistent audit format across all of their applications.

There’s a lot more to the toolkit, of course, and if you’re at all interested (and many of you should be) you should visit https://ca.com/etrust/iam_toolkit to learn more.

Speaking of small conferences, I want to point you to a new meeting that’s just been announced to take place in conjunction with next month’s Catalyst conference in San Diego. On Tuesday, July 12, Radiant Logic will hold its first Virtual Directory User Meeting with presentations by users of Radiant Logic’s Virtual Directory Engine (VDE), company CEO Michel Prompt and even a curmudgeon or two. Details and registration at https://www.radiantlogic.com/ns/news/Catalyst2005.shtml and I hope to see you there.