Develop and enforce security policies across IT application environments
IBM® Tivoli® Security Policy Manager externalizes security policies from applications, enabling you to centralize and simplify application entitlement and fine-grained data access control. The result is strengthened access control for applications and services that improves regulatory compliance and governance across the enterprise.
Tivoli Security Policy Manager:
- Provides unified, consistent policy management and runtime enforcement across applications, databases and intermediaries.
- Transforms corporate security policies into IT operational instructions to make it easier for IT organizations to align with line of business decisions.
- Helps you manage security policies in service-oriented architecture (SOA) environments and enforce fine-grained entitlements by acting as the centralized administration point.
- Enables scalability and performance for authorization enforcement by rendering authorization decisions in remote or local mode.
- Provides interoperability and integration through open standards to extend data security capabilities and optimize IT investments.
Provides unified, consistent policy management and runtime enforcement
- Delivers a single view into application roles, data entitlements and fine-grained policy enforcement.
- Provides the central policy decision source to manage message protection and complex authorization policies.
- Enables authoring, transforming, distributing, enforcing and monitoring of corporate security policies to help demonstrate compliance.
- Offers a robust security runtime as a service, decoupling the native authentication or authorization capabilities of an application.
Transforms corporate security policies into IT operational instructions
- Enables you to define and capture security policies and business entitlements using corporate-defined parameters.
- Offers a wizard-based user interface to allow application owners to define application and data entitlements.
- Maps parameters to IT, configuring and distributing instructions to targeted policy enforcement points.
- Allows administrators to organize, manage and enforce security rules.
- Enables federated policy management to collaborate across multiple domains and lines of businesses.
Helps you manage security policies in service-oriented architecture (SOA) environments and enforce fine-grained entitlements
- Demonstrate compliance with a single view of application roles.
- Simplify the management of security policies to enable operational governance.
- Publish web services security policies back to the service registry or distributes to multiple enforcement points.
- Enable administrators to author and manage application and data entitlements using roles, transactions and services/resource-level contexts.
- Configure and transform policies to eXtensible Access Control Markup Language (XACML) for distributed policy decision and application- and data-level enforcement.
Enables scalability and performance for authorization enforcement
- Scales both horizontally and vertically to adapt to changing business needs.
- Supports identity mediation and authorization services, partial policy replication and decision caching.
- Supports plug-ins that natively enforce standards-based policy queries, and can support custom applications like Java, .NET and mainframe applications.
- Uses information from multiple points to evaluate and render decisions.
Provides interoperability and integration through open standards.
- Delivers integration for data and application entitlement management for Java, Portals, web services, Enterprise Content Managers and more
- Imports application roles and integrates with existing identity systems and standards such as XACML, WS-Trust, WS-Policy and others.
- Provides open standards-based integration with service registries, Microsoft, Oracle, SAP and other third-party applications.
- Supports a range of service interfaces and policy expressions.
Tivoli Security Policy Manager