Security & Compliance Simplified
Want an easier way to manage identities and govern access? Watch a fun new video and see how Quest One Identity Solutions simplify identity and access management to improve security and compliance.
Watch video »
Role Management Assessment
Take an interactive assessment and see how your role management performance compares to the best in class. You'll receive a personalized scorecard with custom recommendations for improvements.
Take the Assessment »
Quest Acquires BiTKOO
With the acquisition of BiTKOO, Quest adds powerful authorization capabilities for applications to Quest One Identity Solutions.
Watch video »

Quest One Authorization Policy Server

An Application Security Dial Tone for Diverse Environments

Cette page n'est pas disponible en français. Vous trouverez ci-dessous le contenu en anglais.

Quest One Authorization Policy Server enables consistent management of access to heterogeneous applications, Web services and data across the enterprise through fine-grained authorization using the XACML standard. The solution provides a consistent "security dial tone" that can be implemented as a baseline for multiple, disparate applications; developers use simple, ready-made plug-ins to fully protect applications, services and data with comprehensive access control capabilities.

Features

  • Enterprise Authorization Management – Replaces redundant and inconsistent authorization policies with a set of fine-grained authorization policies that apply across the entire application portfolio and that can be modified at any time without application code changes. The solution also provides a complete audit trail of rule changes to ensure that authorization rules are applied appropriately and consistently across the enterprise.
  • Unified Policy – Enables consistent policy development, enforcement and auditing by externalizing policy to a single, proven and authoritative authorization source.
  • Real-time Security – Removes the need for rigid, hard-coded security in applications, which enables access governance to be much more nimble and business-focused. Security and policy enforcement occur at runtime through externalized authorization.
  • Authentication Abstraction – Eliminates the need to customize authentication; applications simply consume authentication from a “security dial tone” that connects many authentication providers, including LDAP, Active Directory, RADIUS and more. Directory-based and federated authentications scenarios, X509 certificates and many forms of multifactor authentication are also supported.
  • Separation of Duties – Ensures – and demonstrates – proper separation of duties (SoD) based on user roles and established policy, with granular control over who can access what for your applications. The solution also supports role-based access control (RBAC) and attribute-based access control (ABAC) across diverse applications.
  • Integration with Existing IAM Components – Interoperates seamlessly with other IAM components such as directories, virtual directories and solutions for Web access management, federation, provisioning, identity administration, audit/compliance, role management and workflow – including Quest One Identity Solutions, as well as tools from other vendors.

Docs

 

Related Products

Support for This Product