Technical Specifications

Support for Open Industry Standards

Lighthouse Gateway’s support for open industry standards enables a fast time-to-implementation for your cloud-based IAM solution or for migrating from your current on-premise infrastructure. Open standard protocol usage ensures your integration with Lighthouse Gateway is non-proprietary, uses industry best practices, and is able to migrate in the future if necessary.

Lighthouse Gateway offers expansive support for open standards and is compatible with a wide array of existing applications. It is fully backwards and forwards compatible with existing Tivoli Security infrastructure, enabling Lighthouse to migrate you between on-premise Tivoli environments and the Lighthouse Gateway cloud platform efficiently.

Lighthouse Gateway’s open standards based architecture extends to the following areas:

Identity Management
Lighthouse Gateway integrates with existing identity management systems and user repositories via out-of-the-box (OOTB) support for 52 common repositories and formats, such as:

  • Active Directory
  • IBM DB2, MS SQL, and Oracle relational databases
  • LDAP v3
  • Flat Files (CSV), XML, and multiple file formats

Federated Identity Management
Lighthouse Gateway supports Federated Identity Management protocols for synchronizing federated users with business partners:

  • Web Services Provisioning (WS-Provisioning)
  • Directory Service Markup Language (DSML)
  • Direct LDAP v3
  • Others

Access Management

User Authentication
Lighthouse Gateway supports numerous open authentication protocols for native users, such as:

  • User ID and Password
  • Basic Authentication
  • x.509 certificates
  • Hardware and Software Tokens

Authorization
Our cloud-computing IAM platform supports multiple open-standard protocols for applications wishing to make authorization decision requests to the service’s Policy Decision Point, such as:

  • Java Authorization Contract for Containers (JACC)
  • Java Authentication and Authorization Services (JAAS)
  • Microsoft .NET Framework Authorization Services
  • Extensible Access Control Markup Language (XACML)
  • Java Container Managed Security (CMS)
  • Open Authorization API

Machine Authentication
Gateway supports multiple authentication protocols for authenticating machine-to-machine traffic both in and out of your infrastructure, such as:

  • WS-Security for SOAP
  • WS-Secure Conversation for SOAP
  • Raw XML/HTTP/S
  • X.509 SSL/TLS transport security
  • Java Messaging Service X.509 or UID/PW Security
  • MQ X.509 or UID/PW Security
  • FTP UID/PW
  • ODBC/JDBC direct database access

Federated Authentication
Gateway supports leading open Federation protocols:

  • Security Assertion Markup Language (SAML)
  • Liberty Alliance (LA)
  • Web Services Federation (WS-Federation)

Managed Compliance
Lighthouse Gateway services are audited by CISA certified auditors using the COBIT framework to ensure compliance with industry regulations such as:

  • Payment Card Industry (PCI)
  • Sarbanes-Oxley (SOX)
  • HIPAA, Privacy Act
  • Many more

The Gateway Datacenter .

  • SSAE 16 (formerly known as SAS70 Type II) certified 
  • Tier 3 Datacenter conformance
  • Redundant Power, Cooling, and Connectivity
  • 24x7x365 guard surveillance
  • Locked, Caged, and Monitored Environment
  • Biometric Facility Access
  • 24x7x365 Network Operations Center
  • AES-128/256 encryption between all infrastructure end-points
  • Man-Traps
  • US Department of Defense 100+ point server hardening implemented
  • 24x7x365 Level 1 Help Desk

 

 

Gateway Services

Gateway Technical Specifications