CA Tries to Ease Identity Access Management for SOAs

CA's IAM r12 promises to simplify regulatory compliance with automated access management capabilities, policy analysis and reporting.

CA is moving to provide end-to-end security management for service-oriented architectures, beginning with a major update to its identity and access management product.

With CA IAM r12, the company promises to ease the strain of regulatory compliance by automating identity access management-related controls and providing security policy analysis and reporting capabilities. In addition, the product will allow for the extension of identity access management capabilities to business services across the enterprise, CA officials said. The companys plan is to roll out IAM r12 in phases, with the first featuring CA SOA Security Manager and new versions of CA SiteMinder and CA Directory.

"We are releasing the IAM solution over time in phases basically both for internal readiness purposes and because we are cognizant of the fact that customers adopt our solution modularly and evolve over time," said Matthew Gardiner, senior product marketing manager. "For this phase, all product components are planned to be GA [generally available] before the end of calendar 2007. Mainframe and SOA Security Manager are already GA. Directory r12 and SiteMinder r12 are planned for November and December respectively."


Click here to read about a tool from CA designed to help manage large deployments of BlackBerry devices.

CA SOA Security Manager r12 enables IT organizations to centrally manage the security of their enterprise SOA/Web service deployments by inspecting security information contained in XML documents submitted by service consumers to determine access, company officials said. In addition, through the SOA Security Gateway, it provides a proxy-based security policy enforcement point, mitigation of XML malware threats, and automated routing and protocol translation, officials added.

The new version of CA SiteMinder Web Access Manager includes new policy analysis and reporting capabilities and improved support for federation with devices with nontraditional browsers such as mobile phones. In the upgraded CA Directory, the company has added, among other things, more granular audit logging to ease regulatory compliance controls and support for dynamic roles for greater administrative flexibility, CA officials said.

"SOA deployments, when taken to their logical ends, will be more distributed and diverse that any other previous IT architecture … and so, managing of access to these services will be particularly challenging," Gardiner said. "Applications will also be assembled from a mix of services, some of which will be provided by outside organizations. Thus, the management of security will have to occur across organizational boundaries. If we dont manage security centrally, the risk of building security silos becomes very great and is something that will make securing SOAs untenable."

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.