Well, I almost missed IBM being named the top Security Company by SC Magazine. Naturally, it got me thinking of how the company is pushing ahead on many fronts so the technology is there when clients need it.
Besides the announcements on making plastics from plants, Tivoli has been looking at security needs for SOA and clouds across different environments and believe me, it is a whole lot more complicated than just you typical e-business application from a few years ago!
Across platforms, the internet, and different infrastructures you run into SAML, WS-Trust, Kerberos certificates, RACF Passtickets, LTPA tokens, keys and oh yeah, passwords and IDs. Yikes, it gets complicated quickly... I used to think in terms of Tivoli Identity and Access Management (TIM and TAM), but we now need to think about Federated Identity Management (TFIM), and a relatively new set of functionality called Security Policy Manager (TSPM) to address the life-cycle of policies, credential translation, and identity propagation across an SOA environment. Now I am certainly not going to go into any detail here, this is more of a heads up on where to look if you are getting into the next phases of this stuff. (And look at the Redbook too!)
Oh, and take a look at the IBM Security Framework. With the zSecure suite, the ISS contributions with the Proventia suite, the acquisition of Guardium for DB security, and AppScan products for applications (as just a few examples), security is being layered and added by Tivoli security and others ALL through the IT infrastructure.
Hey, guess what? If you take things out of the black box and distribute them all over the place you need more than RACF!
Enterprise Class Innovation: System z Perspectives
From archive: April 2010 X