We build and deploy highly complex and adaptive Enterprise Information Systems, with a “baked-in” Security Architecture. Our solutions provide Identification, Authentication, Authorization, and Auditing (IAAA) capabilities compliant with the most stringent Defense and Intelligence Community security guidelines. We use both Roles and Attribute-Based Access Controls (RBAC/ABAC), integrated to provide both the strength and agility needed to expertly manage the security of the Enterprise.
Information sharing, throughout the Federal Government and especially within the Intelligence Community, has become a priority in recent years. However, unlimited sharing has also led to unauthorized disclosures on the internet and in the media. It becomes imperative to have the necessary controls over enterprise wide data, based on the government’s need to share while limiting access to sensitive information.
In practice, the challenge is that Identity and Authentication are global to an enterprise, while Authorization is best implemented aligned with local organizational business processes. Understanding the technologies that contribute to the concept of “Authenticate Globally and Authorize Locally” enables identity to be controlled at the enterprise level, while allowing business units to control authorization locally aligned with their processes. As an example, human resource personnel need to have the ability to view and share employee information which is restricted from other personnel in the system.
Semper Fortis Solutions™ has successfully designed and developed software that addresses this technically challenging issue through the use of Role Based and Attribute Based Controls. This novel approach can be seamlessly integrated with current collaboration tools, to allow users to share information while restricting access based on policy.