Tivoli provides SOA Security Management with:
- Policy management: WS-Policy, WS-SecurityPolicy
- Federated Identity Management: Liberty, SAML 2.0, WS-Federation, WS-Security
- Auditing and compliance for SOA: Compliance Automation)
- User provisioning: WS-Provisioning/SPML 2.0.
XML-level protection enhances SOA security management.
This simply maps the different steps of the DataPower AAA framework to specific IBM products and standards that may be used in each of these steps.
TAM - provides Authentication & Authorization
IBM Tivoli Access Manager ( now IBM Security Access Manager) handles the authentication and authorization part of your IAM infastructure.
TFIM - provides federated identity between organizations
IBM Tivoli Federated Identity Manager allows for federated and web Single Sign On. It can be used with ISAM, for example in a scenario that ISAM delegates the authentication part to TFIM for certain resources/cases.
ISAM does not speak SAML by itself, but it can leverage TFIM that does.
TAM and Datapower -
- In order to connect to TAM from DP, a TAM client must be configured in the DP SOA appliance.
- TAM is specified in the AAA policy.
References:
No comments:
Post a Comment