Centralized Application Security

By CuriousTech ·
I have been assigned the dubious task of creating a centralized security process for all of my agency's applications (20+). The environment is heterogeneous (UNIX, Bull Mainframe, W2k servers, Novell servers, Unisys mainframe) with varying front and back ends. I plan to begin by creating a central database that will include all elements needed by each application to authenticate and authorize a user, but I'm not sure how to proceed from there. What I'm seeking is suggestions on how to best approach this opportunity. In other words, has this wheel already been invented? Thanks, in advance, for any assistance.

Centralized Application Security

by erikdr In reply to Centralized Application S ...

Wheel HAS been invented many times but only the components are standard - the way they have to be mixed is always tailor-made.
A brief summary of how we've done this in a large financial environment:
* Central database of users, roles etc. (linked to HR)
* Decentral LDAP replica of this database, suited to all apps using it.
* Sync of this replica with network directory (MS ADS in our case)
* Access for fat client apps through link with ADS (Kerberos)
* Access for thin client (web) apps by a Web Single SignOn solution, in our case Netegrity SiteMinder. The SSO sits on the HTTP server and checks each access to a URL for validity.

Hope this helps a bit...

<Erik> - The Netherlands
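
An added illustration of the flow outlined in the reply above (not the poster's code and not SiteMinder's API): a central user/role store, a per-application replica derived from it, and a per-request URL check that denies by default. All user names, roles and URL prefixes are constructed for the example.

```python
import posixpath

# Constructed central records: uid -> (active flag fed by HR, roles).
CENTRAL_DB = {
    "jdoe": (True, {"claims-clerk"}),
    "asmith": (True, {"claims-clerk", "claims-admin"}),
    "bleaver": (False, {"claims-admin"}),  # leaver, disabled centrally
}

# Constructed URL policy for one web app: prefix -> roles allowed.
URL_POLICY = {
    "/claims/": {"claims-clerk", "claims-admin"},
    "/claims/admin/": {"claims-admin"},
}


def build_replica(central, app_roles):
    """Replica suited to one app: active users only, only the roles it uses."""
    replica = {}
    for uid, (active, roles) in central.items():
        relevant = roles & app_roles
        if active and relevant:
            replica[uid] = relevant
    return replica


def authorize(replica, uid, path):
    """Check one URL access the way an agent on the HTTP server would."""
    if uid not in replica:
        return False  # unknown or disabled user
    # Resolve "." and ".." first so /claims/x/../admin/ cannot slip past
    # the stricter prefix; the trailing "/" lets "/claims/admin" match too.
    norm = posixpath.normpath(path) + "/"
    matches = [prefix for prefix in URL_POLICY if norm.startswith(prefix)]
    if not matches:
        return False  # no rule covers this path: default deny
    required = URL_POLICY[max(matches, key=len)]  # most specific rule wins
    return bool(replica[uid] & required)


if __name__ == "__main__":
    rep = build_replica(CENTRAL_DB, {"claims-clerk", "claims-admin"})
    for uid, path in [("jdoe", "/claims/view/17"),
                      ("jdoe", "/claims/view/../admin/users"),
                      ("bleaver", "/claims/admin/users")]:
        print(uid, path, authorize(rep, uid, path))
```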

Centralized Application Security

by CuriousTech In reply to Centralized Application S ...

I was looking for a bit more detail as I am new to this process.
