Technical Specifications
Support for Open Industry Standards
Lighthouse Gateway’s support for open industry standards enables a fast time-to-implementation for your cloud-based Identity and Access Management (IAM) solution or for migrating from your current on-premise infrastructure. Open standard protocol usage ensures your integration with Lighthouse Gateway is non-proprietary, uses industry best practices, and is able to migrate in the future if necessary.
Lighthouse Gateway offers expansive support for open standards and is compatible with a wide array of existing applications. It is fully backwards and forwards compatible with existing Tivoli Security infrastructure, enabling Lighthouse to migrate you between on-premise Tivoli environments and the Lighthouse Gateway cloud platform efficiently.
Lighthouse Gateway’s open standards based architecture extends to the following areas:
Identity Management
Lighthouse Gateway integrates with existing identity management systems and user repositories via out-of-the-box (OOTB) support for 52 common repositories and formats, such as:
- Active Directory
- IBM DB2, MS SQL, and Oracle relational databases
- LDAP v3
- Flat Files (CSV), XML, and multiple file formats
|
Federated Identity Management
Lighthouse Gateway supports Federated Identity Management protocols for synchronizing federated users with business partners:
- Web Services Provisioning (WS-Provisioning)
- Directory Service Markup Language (DSML)
- Direct LDAP v3
- Others
|
Access Management
User Authentication
Lighthouse Gateway supports numerous open authentication protocols for native users, such as:
- User ID and Password
- Basic Authentication
- x.509 certificates
- Hardware and Software Tokens
|
Authorization
Our cloud-computing Identity and Access Management (IAM) platform supports multiple open-standard protocols for applications wishing to make authorization decision requests to the service’s Policy Decision Point, such as:
- Java Authorization Contract for Containers (JACC)
- Java Authentication and Authorization Services (JAAS)
- Microsoft .NET Framework Authorization Services
- Extensible Access Control Markup Language (XACML)
- Java Container Managed Security (CMS)
- Open Authorization API
|
Machine Authentication
Gateway supports multiple authentication protocols for authenticating machine-to-machine traffic both in and out of your infrastructure, such as:
- WS-Security for SOAP
- WS-Secure Conversation for SOAP
- Raw XML/HTTP/S
- X.509 SSL/TLS transport security
- Java Messaging Service X.509 or UID/PW Security
- MQ X.509 or UID/PW Security
- FTP UID/PW
- ODBC/JDBC direct database access
|
Federated Authentication
Gateway supports leading open Federation protocols:
- Security Assertion Markup Language (SAML)
- Liberty Alliance (LA)
- Web Services Federation (WS-Federation)
|
Managed Compliance
Lighthouse Gateway services are audited by CISA certified auditors using the COBIT framework to ensure compliance with industry regulations such as:
- Payment Card Industry (PCI)
- Sarbanes-Oxley (SOX)
- HIPAA, Privacy Act
- Many more
|
The Gateway Datacenter .
- SAS 70 Type II Certified
- Tier 3 Datacenter conformance
- Redundant Power, Cooling, and Connectivity
- 24x7x365 guard surveillance
- Locked, Caged, and Monitored Environment
- Biometric Facility Access
- 24x7x365 Network Operations Center
- AES-128/256 encryption between all infrastructure end-points
- Man-Traps
- US Department of Defense 100+ point server hardening implemented
- 24x7x365 Level 1 Help Desk
|
Ask the Experts
Gateway Brochure
"The Lighthouse Gateway solution is built on a security model that has been proven in operational use for the U.S. Air Force. Providing this solution as a service permits any organization to maintain a robust security posture, while reducing cost and risk, making it an enormously attractive alternative to conventional approaches."
Mr. John Gilligan
Cyber Security Commission advisor to the President of the United States and former CIO of the U.S. Air Force