SiteMinder Overview
- Provides policy-based security:
– Securitycode removed from applications and put into SiteMinder rules and policies
– Shiftsresponsibility for security from application developers to SiteMinderAdministrators
- Components extend the n-tier architectural model
- Services for security configuration, policy evaluation, personalization, and ongoing management.
Netegrity SiteMinderprovides all of the critical capabilities to meet the stringent needs of largee-business and corporate portals. It provides an infrastructure for centralizedand secure policy management that scales to meet the needs of even the largestportal sites. It provides a way to authenticate users and manage user’sprivileges so that they gain access only to those applications or operations forwhich they have been authorized. In addition, SiteMinder provides for easypersonalization of content, as well as single sign-on.
Security policiesprovide the most complete security solution by defining not only the type ofaccess a user or user group has to a resource but also what happens when a useror user group accesses the resource. Security policies go beyond thecapabilities of ACLs by enabling you to manage the user experience. TheSiteMinder authorization model is based on security policies.
SiteMinder combinesthe use of policy servers with agents to provide access control for resources,deployed on Web servers for example.