Everett - The Identity Enabled Service Platform

Who are the individuals users and what services should
they be provided with?
What is needed (and already available) in order to build cost-effective
integrated services Supporting cross-domain business processes?
How should control be implemented to guarantee governance, privacy
and compliance?
When should services be deployed given planning and resource
constraints?

No individual application can handle these questions effectively – trying to do so results in duplicated effort and loss of control. What is needed is a coordinated set of middleware services and governance processes that deliver the essential common core, providing a flexible and controlled deployment platform for current and future services. The Identity Enabled Service Platform (IESP), with its strong focus on the Identity of both users and services provides this common core.

At Everett we believe that the implementation of IESP technology will be a strategic asset for organisations that strive to be agile and yet remain in control. We also know the basic tools to build these platforms are around today - but effective deployment requires specialist knowledge. It is our mission to improve our customer’s service quality and efficiency by architecting and integrating these future-proof platforms, using standards based components.

Use your mouse to obtain further information regarding the elements of the model

model

Presentation

Presentation: for delivering secure, personalised functionality and information to diverse user groups through different media. This typically involves technology like web portals, Mashups, Rich Internet Applications (RIA’s) and other Web 2.0 technologies;

Integration

Integration: to integrate diverse business application services and exchange information between services, possibly cross-domain. A web services based enterprise service bus (ESB) may be part of the solution to offer scaleable reuse of existing and future services.

User Access Control

User Access Control: for managing the user access to information and services. This includes authentication services, user-centric identity, federations, single sign-on and self-service workflows;

Service Access Control

Service Access Control: for managing secure access to [web-] services. This includes web service security standards and technologies including service access control and provisioning of identity information;

Administration

Administration: will manage the lifecycle of services and user identities and their access rights. This typically includes services for role-based authorization, user administration and certification;

Auditing & Verification

Auditing & Verification: is central for implementation of control and reporting. Services include compliance management, security incident & event monitoring, service monitoring, attestation and auditing;

Secure Platform

Secure Platform: for a scalable and secure operating environment including hardware, OS and network. Clustering, high availability and virtualisation, cloud- and grid computing are common functions provided by this layer.

Themes such as personalisation, compliance, role based access control, federated services, and secure remote access ultimately require addressing one or more of the generic components that comprise the IESP. Architecting, building and deploying this infrastructure using a service oriented approach is crucial to organisations that want to manage the paradox of agile business practice and who not only respond to change, but lead and embrace it