BEA today announced a stategic partnership with CA, which will see the latter’s access and identity management solutions (SiteMinder and Identity Manager) integrated with the former’s WebLogic and AquaLogic application and service infrastructure platforms.
I agree completely with Wai Wong’s (BEA’s executive vice president of products) statement in the press release that
Identity and Access Management is critical within SOA
not least because we have said as much in our service infrastructure assessment model and our report on identity management.
Despite this agreement, I am still left a tad confused by this partnership as it is far from clear what this means for AquaLogic Enterprise Security (ALES), which BEA describes as
a fine-grained entitlement management solution that combines centralized policy management with distributed policy decision-making and enforcement. This combination provides management and control of your critical applications
How will SiteMinder integrate with ALES? Will ALES continue to integrate with other identity and access management solutions? Does BEA plan to provide a common policy definition and enforcement framework across ALES and SiteMinder?
We point out in our assessment of BEA’s service infrastructure offerings that there are some important gaps when it comes to security and identity management, which explains why BEA felt the need to establish this partnership. However, as well as answering a number of questions from potential adopters, this partnership is going to raise a few more for existing customers with an investment in ALES. I for one look forward to learning more about the two companies’ plans to
validate and further extend integration between CA SiteMinder and BEA WebLogic and AquaLogic technologies
SiteMinder provides the authentication & web SSO, while ALES provides fine-grained authorization, data redaction, attribute-based entitlements for your portal, data & proxy services, Java EE, etc. CA passes its identity (typically maintained in a cookie) to ALES via identity assertion SPI.
SiteMinder provides the authentication & web SSO, while ALES provides fine-grained authorization, data redaction, attribute-based entitlements for your portal, data & proxy services, Java EE, etc. CA passes its identity (typically maintained in a cookie) to ALES via identity assertion SPI.
This certainly clarifies things from a functional perspective Matthew. I wonder whether the integration provides a common approach to management, auditing/logging, policy definition and so forth?
This certainly clarifies things from a functional perspective Matthew. I wonder whether the integration provides a common approach to management, auditing/logging, policy definition and so forth?
I envision identity (user/group) being managed through CA IdentityMinder and/or their provisioning product if either is in the picture, with entitlements (roles, permissions, authorization) and policies being defined & managed through ALES Entitlements administration.
I think there will be one or more 3rd parties that comes into the picture for governance, auditing, compliance, etc. via OEM or acquisition.
I envision identity (user/group) being managed through CA IdentityMinder and/or their provisioning product if either is in the picture, with entitlements (roles, permissions, authorization) and policies being defined & managed through ALES Entitlements administration.
I think there will be one or more 3rd parties that comes into the picture for governance, auditing, compliance, etc. via OEM or acquisition.