Entitlement Management: Ready to Enter the IdM Mainstream
Externalizing authorization processing from business applications has been a goal for architects and developers for many years. Recent compliance demands for more granular access control and policy transparency have increased the urgency to adopt an architectural model where authorization and entitlement management are consumed as a service rather than embedded within business applications. Major software vendors, such as Microsoft, Oracle, and SAP, are making significant steps to separate IdM functionality, including entitlement management from application logic. The market has also responded with a plethora of products that provide entitlement management and authorization functionality for commercial or custom-built application environments. Finally, the Extensible Access Control Markup Language (XACML) has emerged as the consensus authorization standard being supported by a growing number of IT and application vendors. Collectively, these forces form the basis of a nascent IdM market segment referred to as entitlement management.
This new entitlement management market continues to evolve over time as the industry’s understanding of capabilities matures and enterprise requirements expand. In this paper we will discuss several dynamics currently at play, review the product landscape, cover recent standards advancements, and mention some issues that early adopters are addressing.
KeywordsBusiness Process Role Management Business Application Authorization Processing Policy Transparency
Unable to display preview. Download preview PDF.
- Gerry Gebel and Alice Wang, “Entitlement Management: Ready to Enter the IdM Mainstream,” 16 December, 2008, Burton Group Identity and Privacy Strategies Report, (http://www.burtongroup.com)
- Gerry Gebel, “XACML Interoperability Demonstration,” 3 December 2007, Burton Group Identity and Privacy Strategies Report, (www.burtongroup.com)