eTrust Adds Security Management 'Architecture'
Computer Associates’ eTrust division this week announced a new “security management architecture” that will eventually permeate its entire line of security and identity management tools. At the same time, it began shipping new versions of two of its eTrust products that take advantage of the new architecture.
The eTrust Security Management Architecture is part of CA's vision “for complete, integrated and open identity and access management . . . providing essential security, transparency and reliability for business transactions as they move across today's complex, heterogeneous IT environments,” officials for Islandia, N.Y. -based CA said in a prepared statement.
CA’s new architectural approach aims to integrate authentication, authorization, and auditing mechanisms across multi-platform environments and the multi-tier applications they support. The architecture is standards based, supporting WS-Security, SAML, SPML, ISO-10181(AZNAPI), Kerberos, X.509, and SAF, the company says.
According to CA, among the capabilities enabled by the new architecture are security policies based on point of entry, authentication type or other variables that may change the attributes of a specific transaction. It also ensures that a user's identity is not lost in a transaction by enabling identity mapping across boundaries, providing a complete audit of a transaction as it moves throughout an organization. Additionally, it aims to unify disparate authentication, authorization and auditing information across multi-platform systems and applications.
The first products to support CA’s new architecture are versions 8 of eTrust CA-ACF2 and eTrust CA-Top Secret. One key improvement in the updated products is the addition of multilevel security, an optional layer of protection on top of discretionary access control. In addition, the two products add LDAP Directory Service enhancements that provide additional support, including recovery processing and the ability to send installation data.
CA plans to build support for the architecture into all of its eTrust Identity and Access Management solutions over time.
Stuart J. Johnston has covered technology, especially Microsoft, since February 1988 for InfoWorld, Computerworld, Information Week, and PC World, as well as for Enterprise Developer, XML & Web Services, and .NET magazines.