New XACML Standards Based Authorization Solution From Axiomatics Extends the Capabilities of CA SiteMinder

Share Article

Axiomatics, the leading independent supplier of attribute-based access control solutions, today announced the launch of the Axiomatics Extension for CA SiteMinder®, which has received the CA Validation designation. The extension enables organizations to further leverage their CA SiteMinder investments, making data governance and privacy regulations easier to comply with for SOA and web access management.

In line with the recent accreditation of XACML 3.0 (eXtensible Access Control Markup Language), Axiomatics, a CA Technologies partner, has launched the Extension for CA SiteMinder and thus enhanced its powerful authorization solution, the Axiomatics Policy Server (APS). The extension, which utilizes the latest version of the standard, adds dynamic and standards-based authorization capabilities to the SiteMinder environment.

The Axiomatics extension is designed to leverage CA SiteMinder’s existing authorization capabilities by allowing users to implement risk-intelligent policies that adapt with an organization’s changing IT environment. When used in combination, the solutions enable organizations to implement data governance with standards-based policies that control SOA and web access management. The Extension for CA SiteMinder has obtained the CA Validation designation. The CA Validation program is designed to provide a standard process to test technology partners’ integrated products. Specific criteria must be met including verifying that a technology partner’s integrated solution correctly installs, configures, and performs as described by the technology partner.

According to Gerry Gebel, President Axiomatics Americas, “The extension brings obvious benefits to CA SiteMinder users who want to apply a standardized approach to authorization without having to modify their applications or infrastructure.”

With the introduction of standards-based policies, organizations can control data access based on wide-ranging and dynamic parameters. This includes everything from the device used, location and time of access, to reason for access, current permission status, and segregation of duties. With these capabilities organizations can write and enforce data governance and compliance policies for HIPAA, SOX, PCI, and others using a standards-based policy language. The combined solution also simplifies the development and enforcement of authorization for applications such as HR, insurance claims processing, and purchasing. By centralizing authorization with the Axiomatics Policy Server, organizations can easily support delegation of duties, separation of duties, or specific conditions on data access without changing the application software.

“CA SiteMinder is an amazingly versatile tool for authentication and authorization services.” continues Gebel. “It has an interface for dynamic, active policies that the Axiomatics extension uses to plug in standards-based, XACML-powered fine-grained authorization. The combined feature set of CA SiteMinder and APS enables secure processing of business-critical data via the web.”

The Axiomatics Extension for CA SiteMinder is lightweight and easy to roll out. For policy creation, users can use the versatile XACML policy editing tools from Axiomatics. These include the Axiomatics Language for Authorization (ALFA), a simple yet rich human-readable policy language and the regular policy administration point (PAP).

“Axiomatics has a wealth of expertise in the area of XACML-based authorization, and we are proud to work with them as they deliver a standards-based solution to complement CA SiteMinder,” says Lina Liberti, senior vice president, Security Product Management, CA Technologies. “In the dynamically changing regulatory and data governance environment, the Axiomatics extension can add value to the CA SiteMinder community by helping organizations rapidly adapt applications protected by CA SiteMinder to new regularly requirements, while preserving the investment in CA Technologies best-in-class web access management solution.”

About Axiomatics
Axiomatics, located in Stockholm, Sweden and Salt Lake City, USA, is the leading provider of fine-grained and attribute-based authorization (ABAC) solutions. The company has a global customer base within healthcare, finance, manufacturing and the public sector, among others. The company’s solutions help protect systems against unauthorized use while enabling secure sharing of information within and across enterprise borders. Axiomatics actively contributes to the development of the XACML standard and has editorial responsibilities within the OASIS Technical Committee.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Gerry Gebel
+1 801 556 9994
Email >
Visit website