AssureAccess is access management software that provides application security for J2EE/Javabased web, portal and web services applications as well as securing traditional web servers.
It is designed to enable developers and systems administrators deploying e-business solutions to include authentication, SSO, authorization, audit, user management and security policy administration in their applications without having to build custom security code for each application.
However, the Java plug-in and Servlet filter provide bolt-on security that does not require application modifications. For application developers who need to build security- aware applications, the JSP Tag Library and Java API enables security to be customized in applications while still enabling central administration.
AssureAccess comes with 16 standard rules and custom rules can be added. Policy definitions allow fine-grained controls to be applied.
The security policy architecture also allows delegation of responsibilities to departmental administrators or business units.
The performance of Assure- Access is optimized for authorizations, which occur more frequently than authentications, by packaging all user credentials and entitlements in an 'Attribute Certificate' that travels through the system with the user.
For standards and platform support, AssureAccess uses Security Assertion Markup Language (SAML) Attribute Certificates for user credentials and X.509 Public Key Certificates to encrypt communications.
It uses LDAP as a Policy Store for configuration and security information and, therefore, most LDAP-compliant directory services are supported.
AssureAccess can authenticate to existing user repositories, including LDAP, Windows domains and databases. It also permits the addition of custom connectors to authenticate against any user.For application developers, integrating AssureAccess into applications permits the security components to be separated out and maintained centrally, leaving developers to focus on the application itself, thereby enabling faster development.
Scalable with an intuitive GUI and wizards to make implementation easy.
Its full benefits can be realized only in an application development environment.
Provides SSO without modification to applications, but can also provide a full Java-based development environment for developers wishing to make the applications themselves fully security-aware.