beautypg.com

Alcatel-Lucent OmniAccess 8550 EN User Manual

Page 4

background image

4 Alcatel-Lucent | OmniAccess 8550 Web Services Gateway

Figure 2. Sources of threats to information security

SINGLE IDENTITY AND STATEFUL POLICY ENFORCEMENT

Threats to sensitive information come from multiple sources. Internal threats come from employees and external threats

from partners, outsourcers, contractors and the Internet. The OmniAccess 8550 WSG uses data encryption coupled with

stateful policy enforcement and active auditing to ensure that transactions are secure and stored data is safe from misuse.

The OmniAccess 8550 WSG allows single identity and

identity mapping from internal and external authentication

systems of trusted partners. The OmniAccess 8550 WSG

integrating with these authentication systems will share

digital credentials; enabling a the trust relationship between

partners Very importantly, each partner can employ their

own authentication systems as well as maintain their own

identity store and set access policies independently.

After validating the credential of a user, the OmniAccess

8550 WSG uses a combination of user-aware authorization

and policy enforcement for information access control.

Authorization is based on the credentials of the user;

the OmniAccess 8550 WSG controls which users can access

and/or change data based on users’ level of access. Stateful

(multi-transactional) policy enforcement allows policy to

be enforced on each transaction based upon the context

in which it is requested.

Threats
from
business
partners

Threats
from
employees

Threats
from
outsources

Treats
from
contractors

During the transaction, the OmniAccess 8550 WSG

enforces published policies in a stateful manner at run

time. For instance, a password reset request might be

normal, but not if it is followed by a large transfer of

funds. The OmniAccess 8550 WSG would be able to

see the password change and deny fund transfers after

a password change without additional authentication

or could trigger an alert followed by a phone call to the

customer. With user centric stateful run-time policy

enforcement, the OmniAccess 8550 WSG can effectively

secure the integrity and confidentiality of information from

end-to-end for each transaction as well dictate how the

transaction information is accessed and modified.

See also other documents in the category Alcatel-Lucent Hardware: