Freely subscribe to our NEWSLETTER

NEC’s identity and access technologies are being used in the projects to enable both the agile and secure establishment and maintenance of contract-based business relationships across enterprise boundaries in SOA-based IT systems, such as complex supply-chain management workflows including several distinct organisations. As SOA-based IT systems are increasingly used, combining services securely is an issue. NEC’s security components were demonstrated at the final review of the SIMDAT project held in Leuven, Belgium, on November 14th, 2008 and are further enhanced as well as evaluated within the @neurIST project, for which results are expected in the first half of 2009.

Over the last three years, NEC Laboratories Europe has developed identity and access management components for the SIMDAT and @neurIST prototypes. The main features of these components include the efficient management of cross-domain relationships, and effective enforcement of distributed access policies adopting innovative claim-based security models. The software is based solely on open Web Service* standards allowing the seamless integration of the modules into existing environments, thus coping with well-established legacy systems like corporate user management infrastructures.

The identity and access management components can be divided into two categories. The NEC Distributed Access Control (DAC) system manages and enforces distributed access policies in cross-domain environments. It provides a generic and flexible attribute-based access control framework allowing one to plug-in various access control standards and technologies. Prominent examples are XACML** and Access Control Lists (ACL).

The NEC Relationship Manager complements the NEC DAC system by providing the means to set up and manage cross-domain relationships without requiring any centralized component. Each participating institution manages their own relationships and local resources independently, thus keeping full control over their own resources. With the adoption of claim-based security models, delegation mechanisms are inherent.

NEC Laboratories Europe has been engaged in R&D related to distributed secure cross-domain enterprise information systems for almost a decade and we are delighted to have been part of this EU project.”

SIMDAT The European project SIMDAT takes industrial product and process development forward by introducing advanced Grid technology in the automotive, aerospace, pharmaceutical and meteorological verticals. The results of SIMDAT will facilitate the transition of other industrial areas to Grid technologies.

@neurIST The European project @neurIST (‘Integrated Biomedical Informatics for the Management of Cerebral Aneurysms’) aims to create an IT infrastructure for the management of all processes linked to research, diagnosis and treatment development for complex and multi-factorial diseases; the IT infrastructure will be developed for one such disease, cerebral aneurysms.

*Web Services are a set of specifications designed to support interoperable machine-to-machine interaction over a network. Web services can be accessed over a network, such as the Internet, and executed on a remote system hosting the requested services.

**XACML stands for eXtensible Access Control Markup Language. It is a declarative access control policy language implemented in XML and a processing model, describing how to interpret the policies. It is standardized within the OASIS standards organization.