In a world dominated by stricter requirements derived from the Sarbanes-Oxley Act and Homeland Security regulations that limit who can access data, there is a need for a different approach to identity rights management, said Ayman Hariri, president and CEO of Epok.
“The rise of Web services and the consequent breakdown of control has created a requirement for new levels of enterprisewide data control and security,” Hariri said. “Conversely, TDX 4.0 implemented in an SOA provides the highest levels of data controls, even as additional Web services are deployed across the organization.”
Given the uniqueness of Epok’s approach, standards play a big role in making sure TDX interoperates on as many levels as possible, Hariri said.
Epok, a Bethesda, Md.-based startup, recently rolled out version 4.0 of Trusted Data Exchange (TDX), which it describes as a platform for managing user-access rights to specific sets of data. Support for Security Assertion Markup Language-based authentication and authorization, as well as support for LDAP 3.0, is also included in version 4.0, according to Epok.
TDX works by providing object labels around classes of data and then managing who has access to use those data objects across multiple applications. This allows IT organizations to limit access to very specific sets of data, rather than relying on user-based permission schemes that are limited to specific files and database tables.
Proving that TDX can be deployed without creating undue network latency looks to be an early challenge for Epok, said John Freeman, principal of Mycroft, a New York-based VAR that has deployed secure, directory-enabled identity-management infrastructures for numerous Fortune 100 clients.
http://www.crn.com/showArticle.jhtml;jsessionid=GAKVCGKQFIDG2QSNDBNCKH0CJUMEKJVN?articleID=51000093