SiteMinder Overview
- Provides
policy-based security:
– Security
code removed from applications and put into SiteMinder rules and policies
– Shifts
responsibility for security from application developers to SiteMinder
Administrators
- Components extend the n-tier
architectural model
- Services for security configuration,
policy evaluation, personalization, and ongoing management.
Netegrity SiteMinder
provides all of the critical capabilities to meet the stringent needs of large
e-business and corporate portals. It provides an infrastructure for centralized
and secure policy management that scales to meet the needs of even the largest
portal sites. It provides a way to authenticate users and manage user’s
privileges so that they gain access only to those applications or operations for
which they have been authorized. In addition, SiteMinder provides for easy
personalization of content, as well as single sign-on.
Security policies
provide the most complete security solution by defining not only the type of
access a user or user group has to a resource but also what happens when a user
or user group accesses the resource. Security policies go beyond the
capabilities of ACLs by enabling you to manage the user experience. The
SiteMinder authorization model is based on security policies.
SiteMinder combines
the use of policy servers with agents to provide access control for resources,
deployed on Web servers for example.