Traditionally, applications have their own authorization repositories and proprietary authorization models. This results in authorization silos that are not transparent and costly to manage.

IDEAS breaks down authorization silos by consolidating user entitlements from many enterprise applications in a central repository. As people's authorizations change, IDEAS responds in real-time to enforce access policies, triggers business processes and synchronizes connected applications.

Entitlement Administration

IDEAS allows user entitlements to be managed centrally with a single administration. This drastically improves manageability and transparency of authorization processes.

IDEAS fine-grained access control model supports role-based, attribute-based and rule-based access control, providing the most flexible support for simple or complex business requirements.

Entitlement Resolution

With its highly flexible access policy model, IDEAS allows enterprise applications to completely delegate access control. IDEAS Enterprise Entitlement Server provides entitlement resolution as as SOA service to applications. This architecture promotes a clean segregation of application management and access policy management processes. Cloud-based applications particularly benefit from this architecture.

Identity Intelligence

Combining user entitlements, historical authorization data and access policies, IDEAS central repository is a rich source of identity risk and intelligence, and the natural basis for audit and compliance reporting.

Benefits:

• Centralize entitlement administration and segregate it from application management
• Use a single entitlement model for all applications
• Simplify access reporting, auditing and monitoring

Related Products:

• Access Governance Core