1 / 20

Component : Policy Director

Component : Policy Director. User Administration : 사용자 등록 관리 Global Sign-On : 사용자 Log On 관리 Security Manager : 보안 정책 생성 및 적용 관리 Policy Director : 웹 서버 접근 관리 Privacy Manager : 개인 정보 접근 관리 Risk Manager : 침입 위험 관리 PKI : 공개 키를 이용한 인증 관리. Component : Policy Director - 특징.

ivan
Download Presentation

Component : Policy Director

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Component: Policy Director • User Administration : 사용자 등록 관리 • Global Sign-On : 사용자 Log On 관리 • Security Manager : 보안 정책 생성 및 적용 관리 • Policy Director : 웹 서버 접근 관리 • Privacy Manager : 개인 정보 접근 관리 • Risk Manager : 침입 위험 관리 • PKI : 공개 키를 이용한 인증 관리

  2. Component: Policy Director - 특징 • Addresses the top challenges of e-business security • Secure communication with • Customers • Business partners • Others • Centrally define/manage security policy e-business applications • Transparently enforce authorization policy • Through access control rights to Web applications • Support virtually any client device • Browsers • Pervasive devices that use Wireless Access Protocol(WAP)

  3. Component: Policy Director - 특징(계속) • Use public key infrastructure (PKI)-based authentication • To access existing Web-based applications • No rewriting or modification of applications • Control access to legacy TCP/IP-based client/server applications • Provide single sign-on to Web-based applications • Access for the Right People at the Right Time • Reduce your cost of building security into new applications • Eliminate the need to write complex security code

  4. Component: Policy Director - 특징(계속) • Secure Access to Enterprise Web Servers • WebSEAL server manages access to all your Web servers • Centrally control Web resources as one logical Web space • Intelligent load balancing over replicated servers • Effective server scalability and deployment • Provides a fail over capability • Automatically switch to a backup Web server.

  5. Component: Policy Director - 특징(계속) • Supports authentication and access control of Web browsers • Through user IDs and passwords • Through client-side certificates • Through RSA SecureID tokens • Provides single sign-on access to the Web servers it secures • Single log on once to PD • Subsequent logons are handled transparently

  6. Component: Policy Director - 특징(계속) • Secure Access to Legacy Client/Server Applications • Secures traditional Internet services • Telnet and TCP/IP-based legacy applications • Logon required for access • VPN support • Between NetSEAT client and NetSEAL server • End-to-end encryption

  7. Component: Policy Director - 특징(계속) • Support for Many Standardized Features • Supports many open, industry standards • LDAP for the storage of user and group credentials • Supports Netscape/IBM SecureWay LDAP directories • Provides strong authentication to web-based resources • Using X.509 V3 client certificates • Support/manage for full Certificate Revocation List (CRL) • Real-time control of user access rights

  8. Component: Policy Director - 특징(계속) • Authorization API (AuthAPI) implements • Open Group Authorization Service API (aznAPI) • Provides a common set of authorization services • Support multiple operating system environments • Logon required for access • Security application development API • Customized security environment • Authorization decision-making possible in applications

  9. Component: Policy Director - 특징(계속) • Integration with Other Tivoli Products • Foundation for Policy Director for Application Servers • Adds security support for CORBA applications • Logon required for access • Backbone for Tivoli SecureWay Privacy Manager • Integrates with Tivoli SecureWay PKI • Identifies users to PD access • Identifies PD to Web browsers

  10. Component: Policy Director - 특징(계속) • Can configure PD as a logon target for Global Sign-On • Provide single sign-on across enterprise • Enables users to access resources across the enterprise • Integration with UA and SM • Allows PD user creation from UA console • Allows security policies from SM console

  11. Component: Policy Director - Architecture Smart Junction Logical Web Space Firewall A 사용자 1 권한: A, B Policy Director WebSEAL B Authorization Database 사용자 2 권한: B, C C

  12. Component: Policy Director - Access Control

  13. Component: Policy Director - 효과 • Application과 보안의 독립 • No Agent Code • No Security Code • Centralized Single Point Control • Authentication • Authorization • e-Commerce Infra Enabler • Virtual Web Server Integration • 생산성 증대 • 관리 효율성 향상 IBM Netscape Apache Microsoft Permit Deny Policy Director Single Point Access Control User

  14. Component: Policy Director - Platform • Server • IBM RS/6000 • Sun SPARC • Intel x86 or Pentium • IBM AIX 4.3.1 • Sun Solaris 2.6 • Windows NT 4.0 • HP-UX 11.0 • Client • Windows 95 • Windows 98 • Windows NT 4.0

  15. Component: Policy Director - GM General Motors • 세계 최대 자동차 제조 회사 • Policy Director를 이용하여 GM/협력사 적용업무에 대한 안전한 웹 포탈 서비스를 제공 • 일만개의 직접 공급사를 지원하는 확장 가능성을 제공 • 공급사들이 GM의 웹서버 자원을 직접 관리함으로써 사업의 활성화를 유도 "Policy Director authorization and access control technology has been instrumental in helping us build several of our most strategic e-business initiatives -- in particular our Global Supplier Network and our intranet capabilities. " Ralph Szygenda - Vice President and Chief Information Officer, General Motors.

  16. Component: Policy Director - RowePrice T.RowePrice • 뮤추얼 펀드, 자산 관리 서비스 제공 회사 • Policy Director를 이용하여 자사의 고객을 대상으로 하는 e-commerce 시스템의 보안 솔루션 구축 • Legacy 시스템과 웹 기반의 시스템의 원활한 연동 • Scalability와 extensibility 가 가장 큰 장점

  17. Component: Policy Director - KLM KLM • Major 국제 항공사 • Policy Director를 이용하여 “Crew WorkStation” mission-critical 어플리케이션을 위한 웹 포탈 사이트 구축 • 중앙집중식 접근 통제 시스템 / 중앙 접근 통제 관리 시스템 구축 "Using Tivoli's Policy Director solution for our new Cockpit and Cabin Crew System had a very positive effect on the business case. It's central management allows for reduced TCO while the need of not writing 'permissions' -identification and access control - into each application but using a central policy scheme improved the ROI.” Bert van Wijk, Head of KLM Cabin Crew Projects

  18. Component: Policy Director - 국내 동아일보사 • 국내 Major 언론사 • Policy Director를 이용하여 기자들을 위한Secure-Intranet 웹 사이트 구축 • 특징 : Tivoli PKI와의 연동으로 사용자 인증 방식 강화 국세청 • 국내 주요 관청 • Policy Director를 이용하여 국세청 Secure-Internet 웹 사이트 구축 • 특징 : 웹 관리자를 위한 인증과 Access Control 기능 제공으로 일반 사용자와 관리자의 접근 분리

  19. Component: Policy Director - Reference • ABN/Amro • ABP • ADP • Aduanas • Aetna Insurance • Ahold • Air Tran • Alfa Laval • AmeriSource Corp • Anico • APNT • AT&T • Banco Banesco • Banco Itau • Banco Rio • Banco Santander • Banco Weise Sudameris • Banesto • Bangkok Bank • Banrural • Barclays • Expedium • Federal Reserve Bank • Fireman’s Fund • First USA • Freddie Mac • Frieghtliner • GKM Chep Ltd. • GM • Group Health (Kaiser) • HIT • HSBC • Hundai • I2 • ICCREA • IKON • Independent BC/BS • ING Bank • Baxter Health • BBV • Bell Atlantic Internet • Bell Canada • BC/BS of IL/TX • BC/BS of Kansas • BG • British Airways • Burlington Industries • CanTV • Capital BC/BS • Cari Varona • Cargill • CGU Insurance • Chase Manhattan Bank • CP Rail • Dascom – J • Delta Lloyd Insurance • Den Danske Bank • Dept. of Justice • Deutsche Telecom • DTCC

  20. Component: Policy Director - Reference • Telcordia/Belcore • Telstra • Texas Farm Bureau • Tokyo Marines • Winn Dixie • WM Data • YKB • United Airlines • Universidad Autonoma de Campo • University of MA • VW Gedas • Washington State University • Westpac Banking Corp. • Westvaco • Whirlpool • Intessa • Investment Banker’s Trust • Jaztel • John Deere • Juske Bank • KBC • Kemper Insurance • KLM • Kotak Securities • Kreditkassen • Leader Systems • Maersk • Matsushita • Met Life • Multrix • Mutual of Omaha • Navistar • Navy Credit • NCM • New York Stock Exchange • NTT • Panasonic • Partima • Pershing • Ralston Purina • Safelite Autoglass • SBC • SEB • Shell Canada • St. Paul Insurance • State of NJ • State of Ohio • State of Washington • SunTrust

More Related