Are you looking for a concrete technology offering for a Security Management Ecosystem?
OpenPMF™ is ObjectSecurity's ground-breaking security management solution. It is the first generic model-driven security (MDS) solution in the market. It is authorisation-centric (also called entitlement-centric) vs. traditional identity-centric security management solutions.
OpenPMF provides a security management ecosystem that allows any provider of technology to "plug" into a common, consistent security management framework. This is why OpenPMF™ is called a Security Management Ecosystem™. Any modelling tool (e.g. MDA/code generation, or SOA/BPM/BPEL orchestration) can be integrated into the security manager, and practically any IT system can be protected using local plug-ins. Click here to join the OpenPMF Security Management Ecosystem™.
Sunday 7 October 2007
Definition: Security Management Ecosystem?
ObjectSecurity advocates a radically new approach to enterprise security management, the OpenPMF Security Management Ecosystem.
A Security Management Ecosystem is an open framework that allows all relevant stakeholders to "play together". It is ground-breaking in that it is designed to remove costly, unnecessary security management duplication across the entire enterprise. In addition, vendor lock-ins are prevented. It is time to simplify enterprise security management by providing an inclusive ecosystem for all stakeholders.
If you are an end user, the benefits include easier security management, consistency, lower maintenance, increased re-use and flexibility. First and foremost, you will be able to define security policies in the way YOU think about security in the context of your organisation. You can also prevent duplication (e.g. security management in numerous different places and in incompatible ways) and thus keep the security maintenance cost to a minimum. Furthermore, you prevent a vendor lock-in by the multitude of technology suppliers you may use - you own your Security Management Ecosystem and the vendors will have to play to your rules.
If you are a technology vendor, joining the Security Management Ecosystem means that you do not have to deal with security management yourself but instead you can leverage the security management already deployed at the end user. In addition, you simplify the integration of your technology into the end-user's IT infrastructure, which increases your sales. Configuration and set-up costs are reduced because security policies are dealt with by a different stakeholder. You simply do what you are best at - you provide your software to the customer and delegate security management to the Security Management Ecosystem.
You can tie into the Security Management Ecosystem in numerous places:
A Security Management Ecosystem is an open framework that allows all relevant stakeholders to "play together". It is ground-breaking in that it is designed to remove costly, unnecessary security management duplication across the entire enterprise. In addition, vendor lock-ins are prevented. It is time to simplify enterprise security management by providing an inclusive ecosystem for all stakeholders.
If you are an end user, the benefits include easier security management, consistency, lower maintenance, increased re-use and flexibility. First and foremost, you will be able to define security policies in the way YOU think about security in the context of your organisation. You can also prevent duplication (e.g. security management in numerous different places and in incompatible ways) and thus keep the security maintenance cost to a minimum. Furthermore, you prevent a vendor lock-in by the multitude of technology suppliers you may use - you own your Security Management Ecosystem and the vendors will have to play to your rules.
If you are a technology vendor, joining the Security Management Ecosystem means that you do not have to deal with security management yourself but instead you can leverage the security management already deployed at the end user. In addition, you simplify the integration of your technology into the end-user's IT infrastructure, which increases your sales. Configuration and set-up costs are reduced because security policies are dealt with by a different stakeholder. You simply do what you are best at - you provide your software to the customer and delegate security management to the Security Management Ecosystem.
You can tie into the Security Management Ecosystem in numerous places:
- Development/deployment tool vendors (e.g. modelling, MDA, software development, BPM/SOA orchestration) can tie into the model driven security manager from the top. This means security can be managed seamlessly from within your tool, using all the useful information your tool provides.
- Risk/impact analysis vendors and consultancies can provide their recommendations as input models used by OpenPMF 2.0 to generate enforceable security policies. Models for regulatory compliance and enterprise security architecture can also be fed in.
- Runtime software vendors (e.g. including middleware, applications, operating systems, databases) can tie into the Security Management Ecosystem from the bottom. This means security policies can be managed consistently for your technology within the wider ecosystem.
- Security analysis vendors can tie into the Security Management Ecosystem by using the information provided by OpenPMF 2.0 plug-ins. This way you will have a lot of rich information about security relevant activities available to analyse potential vulnerabilities.
- Suppliers of security model checkers can also tie in by working together with ObjectSecurity to provide model checking functionality as third-party features in the Security Management Ecosystem.
Further information: OpenPMF Security Management Ecosystem
Click here to join the security ecosystem
OpenPMF 2.0 is at the heart of the Security Management Ecosystem. It allows you to specify and maintain intuitive security polcies in a central graphical policy manager.It uses well-accepted modelling practices and standards (which saves resources and minimises human errors).
Subscribe to:
Posts (Atom)
