I recently attended a discussion focused on IBM Security Policy Manager (SPM) and IBM Security Access Manager for e-Business (SAMeb). IBM Security Policy Manager can be used in the following ways:
- Fine-Grained Authorization Control as opposed to coarse grained SAMeB group to J2EE Role Mapping (Sample: Policy to restrict a money transfer that exceeds $500 in a single transaction)
- Authorize and Audit Communications between application modules. (When Modules are independent and belong to different organizations/Access External Interfaces)
- Can have Multiple Policies on a service, each with multiple roles
- Centralized Policy management for Web Services
- Data Power could be used as a Web Service proxy and TSPM as the Policy Decision Point
- By Default all web services are denied
- Policies can be attached to Web Service/Port/Operation/Message
Here is a side by side comparison:
Next week, Prolifics will be at IBM Pulse in Las Vegas, a leading security intelligence conference. If you would like to learn more about Prolifics' Security solutions, visit booth #E525 and visit our IBM Pulse Page.
For more information about Prolifics, please visit www.prolifics.com or email solutions@prolifics.com.
