Photo

Features and Benefits

Keystone provides comprehensive out-of-the-box features and benefits and is recognized as the best of breed Authorization Management solution.

Features

  • Fine-grained authorization and access control to satisfy any requirement the business dictates
  • Delegated administration & fine-grained administration controls
  • Active Segregation of duties enforcement
  • Support for dynamic rules
  • Graphical conditional expression builder
  • Support for complex attributes
  • Support for groups and aggregated roles
  • Broad platform support (Java, .NET, .NET Compact Framework, Delphi, COM)
  • Directory abstraction layer – consume authentication & attributes from any source
  • High availability and performance
  • Internet scalability (unlimited number of users and transactions)
  • Policies are abstracted from the application/data
  • Federated identity
  • Federated authorization (web services security & performance breakthrough)
  • Disconnected-mode applications such as mobile devices or roaming laptops
  • Support for any authentication type such as X509 certificates, Safenet (Aladdin Tokens) RSA SecurID, Windows CardSpace, Biometric data, two-factor authentication, and more
  • Single sign on to and from any application
  • Consistent authorization enforcement, remove the proliferation of redundant authorization policies and controls
  • Audited events for every user, administrative action
  • Audit integration with Identity Governance, BI or GRC solutions
  • Support for a broad range of Standards and Protocols
    • SAML
    • XACML
    • SPML
    • SOAP
    • and many more

Benefits

  • Consumable set of IAM services for consistent authentication/authorization
  • Allow developers to focus on business logic
  • Provides a common dial tone of authorization in a similar fashion to what directories do for authentication
  • Seamlessly integrates with existing infrastructure (directories, web access management, provisioning tools, etc.)
  • Flexible to fit any requirement for authorization management
  • Removes redundant authorization policy data and inconsistencies in policy interpretation and enforcement
  • Web services (SOA) architecture, where every web operation is exposed and documented
  • Provides a centralized security service with delegated administration for manageability
  • Scales infinitely, with outstanding performance
  • Improves efficiency by eliminating custom coding
  • Enhances security by ensuring appropriate, and granularly controlled access for all users across all Keystone protected applications
  • Helps to achieve compliance requirements by enforcing Segregation of Duties, Role Based Access Control & Attribute Based Access Control across applications
  • Enables Snapshot reports for any point in time reporting of access permissions for any user
  • Through a standards-based framework, Keystone provides significant cost/time savings in application development