Security Systems

Parthenon has a long history of interest in security and access control. In the past, proprietary solutions have locked customers in and kept prices high. Consultants were required for each vendor's offerings; these were expensive and sometimes hard to find. Recently, open standards for authentication and authorization systems have been emerging. Standards such as XACML and SAML are now at the point where they can be used to solve real business problems for a fraction of the cost of the solutions previously available.

Parthenon has contributed to the OASIS standard XACML (eXtensible Access Control Markup Language). This standard is an XML-based language which is used to describe access control requirements for online resources. It describes who is allowed to do what to a resource. For example, it describes whether "John" can "read" the webpage "prices.html". The ability to describe these policies in a standard format allows interoperability between any systems that support it.

We have also contributed to the SAML (Security Assertion Markup Language) reference implementation. SAML enables the communication of authentication and authorization information among programs and business partners. This builds on the interoperability that XACML provides, allowing authentication, identity, and access control systems to communicate with each other.

There are many advantages to using open standards:

• Generic tools are developed by the software industry and open source communities, lowering costs and increasing productivity,
• A larger pool of expertise is available for recruitment, which brings salaries down,
• Skills are transferable between different products, lowering training bills,
• Vendors can no longer lock customers in to a single product offering.

We have a suite of tools that have been built up as part of our consultancy work. These include:

• A test tool for assisting in the development of XACML encoded access control policies (available for free download).
• A full implementation of a XACML policy engine,
• LDAP and SAML connectors for the XACML policy engine.

We use these tools and our expertise to provide customers with high value consultancy and development. If you need vendor-agnostic advice on the direction of your security and access control policies, or implementation and execution expertise, then we can help.

• XACML toolkit page
• XACML weblog

Read what our customers say - CSW.

Contact us in the UK or USA to discuss how we can add value to your business.