Alongside the Gartner Application Architecture, Development & Integration Summit 2009 in Las Vegas this week, SOA security vendor, Forum Systems released a new identity broker hardware appliance, Forum STS.
With an increasing number of enterprises expressing interest in moving SOA into cloud computing environments, security has been and continues to be at the forefront of concerns. Offerings like this one provide a way to manage identities in a more federated environment where business unites and external trading partners become a part of the architecture.
The product handles mediation, authentication and authorization of identity exchange for portals, web applications and XML-based web services inside federated service-oriented architectures. Using standards like SOAP and REST, Forum STS places a focus on customer-facing projects that are accessed from entities both internal and external to an enterprise.
The product’s approach involves the use of identity tokens, which the system translates from one protocol or messaging format to another. Using tokens, the company says, will decrease the need for developer involvement in identity management.
The company says Forum STS provides the following features:
- Centralized authentication, authorization and access control with identity token translation (cookies, Basic Auth, SSL, SAML, WS-Identity)
- Direct integration with major identity systems, including CA Siteminder, IBM TAM, RSA ClearTrust, Oracle Access Manager, Sun JSAM, HP SelectAccess, Kerberos KDC, ActiveDirectory, and LDAP
- Hardware acceleration and caching mechanisms to boost performance and scalability
- Security built on a JITC DoD PKI-, FIPS 140-2 Level-II infrastructure
- Simplified Token Exchange, which consumes and generates protocol and messages-based identity tokens, eliminating the need to code against proprietary libraries