How does OpenPMF give me consistency and agility support?
OpenPMF centrally stores policy models that are automatically turned into technical access control and audit rules, which are then consistently enforced for all applications which are protected by an OpenPMF policy enforcement point (PEP).
Can OpenPMF also enforce security policies for IDSs, databases, firewalls etc.?
Yes. See Supported Technologies for details. We can also enhance OpenPMF to cover any particular other technologies you need to enforce security policies for.
What are the benefits of using OpenPMF?
Save time and money: Security professionals focus on security without the need to be application experts. Application professionals focus on the application without the need to be security experts. OpenPMF automatically generates & updates application security policies for them. Security & development are separated, but linked via OpenPMF’s policy automation. Adopt security easily & flexibly: [...]
How does OpenPMF support application agility and Service Oriented Architecture (SOA)?
SOA is often designed with dynamic change (agility) and reuse in mind. SOA is also often built using web applications. OpenPMF can automate policy generation, enforcement, and update for such application landscapes in such a way that technical security enforcement rules can be automatically updated whenever the interactions between web applications change. Without OpenPMF, security [...]
Which development tools can I use OpenPMF with?
See Supported Technologies.
What kinds of application platforms does OpenPMF support?
See Supported Technologies. OpenPMF supports more technologies than any other authorization management product in the market.
What kinds of policies can I define, enforce, and monitor with OpenPMF?
OpenPMF policies can either be default security policy model templates, or tailor-made security policy models . Default policy model templates includes policies such as “only allow the interactions the application developer has programmed; deny and log everything else”, or “only allow access to SOA services based on the sequence of the BPM workflow used to [...]
What can I exactly do with OpenPMF?
Configure intuitive business security requirements Generate matching technical security policies automatically Enforce technical security policies transparently Audit technical security policies transparently Update technical security policies automatically
Does OpenPMF do whitelisting or blacklisting?
OpenPMF is a whitelisting technology, i.e. it explicitly allows good accesses and denies everything else. This approach is more reliable than blacklisting, which explicitly blocks known bad accesses but allows everything else. Using conventional methods, whitelisting is hard because many rules have to be manually written – OpenPMF solves that challenge with its unique policy [...]