Keystone is the only Identity and Access Management (IAM) solution that provides a holistic approach to authorization management
- Consumable set of IAM services for consistent authentication/authorization
- Allow developers to focus on business logic
- Standards-based framework provides significant cost/time savings
- From coarse to fine grained authorization and access control
- Delegated administration & fine-grained administration controls
- Active Segregation of duties enforcement
- Support for dynamic rules
- Graphical conditional expression builder
- Support for complex attributes
- Support for groups and aggregated roles
- Broad platform support (Java, .NET, .NET Compact Framework, Delphi, COM)
- Directory abstraction layer – consume authentication & attributes from any source
- High availability and performance
- Internet scalability (unlimited number of users and transactions)
- Policies are abstracted from the application/data
- Federated authorization (web services security & performance breakthrough)
- Disconnected-mode applications such as mobile devices or roaming laptops
- Support for any authentication type such as X509 certificates, RSA SecureID, Microsoft Card Spaces, Biometric data, two-factor authentication, and more
- Single Sign-On with any third-party platform such as AD, LDAP, WAM
- Federated identity
- Consistent authorization enforcement
- Remove the proliferation of redundant authorization policies and controls
- Audited events for every user, administrative action
- Extensive audit trail and comprehensive reporting capabilities
- Audit integration with Identity Governance, BI or GRC solutions
- Support for a broad range of Standards and Protocols
- SAML
- XACML
- SPML
- SOAP
- and many more
- Simplified and holistic authorization management
- Consumable set of IAM services for rapid, consistent, auth/auth coding
- Federated identity
- Removes redundant authorization policy data and inconsistencies in policy interpretation and enforcement
- Time and cost savings
- Standards-based framework provides significant cost/time savings in application development
- End-to-end security for regulatory compliance
- Audited events for every transaction/workflow type
- Improves compliance across silo-ed applications