Using Tivoli Federated Identity Manager to Get What You Want

1. You want to enhance your company’s business-to-business and business-to-consumer collaborations with centralized user access management through application integration and secure authentication.
2. You want to improve the experience of users at your company and lower costs through business-to-consumer user self-care and federated access control to on and off premises applications.
3. You want to enable single sign-on (SSO) for external users to internal applications and for internal users to cloud-based applications.
4. You want to provide web fraud detection and prevention capabilities through risk-based access control.

You want a lot!!!!!    Lucky for you there is …………

Tivoli Federated Identity Manager (TFIM)

IBM Tivoli Federated Identity Manager is an access-management solution that provides web and federated SSO to end users across multiple applications.  TFIM allows collaboration across an organization’s business ecosystem and plays a key role in businesses extending their application access to business partners, customers and consumers. TFIM provides the ability for internal users to access externally hosted applications, including cloud-based applications and business partner applications.

TFIM does this with a federated approach which gives end users a seamless sign-on experience to applications which eliminates the need to provide multiple user IDs and passwords.  Using browser-based integration and open standards, TFIM can provide quick gains in user productivity and user experience. By reducing administration costs with federated SSO, end users authenticate once and then seamlessly obtain access to applications and services inside and outside their network infrastructure.

TFIM provides risk-based access capabilities that can help secure an organization’s information assets. With risk-based access, each transaction is assessed using static and contextual attributes to calculate the risk. This risk assessment determines whether a user’s request to access information should be permitted, denied or permitted with some further authentication. TFIM provides flexible web and identity services using its own security token service (STS) to validate and issue a wide variety of identity formats and to flow auditable identities between applications and services across multiple security domains and the enterprise. This capability ties together applications running on disparate operating system platforms with different sign-on token support, transparently to the end user. End users can use SSO to access desktop and mainframe-based applications. To aid compliance activities, Tivoli Federated Identity Manager also provides integrated audit data collection and reporting.

Additional benefits provided by the IBM Tivoli Federated Identity Manager include:

• Support broad federation functionality by enabling SSO, rich security customization and web services security
• Manage user authentication and identification information about business partners through support for multiple, open standards-based identity and security tokens
• Support the emerging Open Authorization (OAuth) standard for authorization, which enables users to share private resources stored on one site with another site—for example, photos, files or contact lists—without having to hand out their credentials
• Offer predefined federations that provide configuration assistance to ease definitions and setup
• Support Security Assertion Markup Language (SAML), WS-Federation, Information Card Profile, OpenID and OAuth

There are many benefits to deploying the IBM Tivoli Federated Identity Manager in your enterprise, contact the Professional Security Services at PathMaker Group for more information.  We provide security and identity management solutions.  Our services include penetration testing SOA security and identity and access management consulting.  Learn more about us on our website or call 817-704-3644.