Customer Snapshot: Financial Services

Deutsche WertpapierService Bank AG

Leading German Securities Dealer Manages Identities across Diverse Systems with Sun Software

Deutsche WertpapierService Bank AG (DWP Bank) is one of the largest dealers of securities in Germany. It serves clients from all sectors of the German credit industry and counts approximately 250 banking institutions among its customer base.

Customer Challenges

  • Optimize and simplify identity and authorization management
  • Centralize management and administration of user access
  • Provide single sign-on to diverse applications and systems

Solution

The bank deployed Sun Java System Identity Manager and other Sun Java Enterprise System software to centralize management of user identities and access across diverse systems.

Business Results

  • Faster, simplified access to applications and resources
  • Enhanced security
  • Improved availability
  • Streamlined administration and management
  • Reduced infrastructure TCO

Story Details

In order to optimize and simplify identity management, DWP Bank recognized the need for a central hierarchical administration system that could authorize all clients via single sign-on. This vision required the integration of existing systems and applications. The bank needed to make authorization information available centrally and locally and synchronize user access across multiple applications and resources.

To realize this vision, the bank deployed Sun Java Enterprise System software, including Sun Java System Identity Manager, Sun Java System Directory Server and Sun Java System Application Server. All of these infrastructure components are hosted on Sun Fire servers running the Solaris 10 Operating System.


"We like the flexibility of Sun Java System Identity Manager, since the software works with our existing infrastructure. A J2EE-enabled application server, an LDAP directory and a high-availability database such as Oracle RAC are all that’s required."
— Ralf Hoops, Project Manager, DWP Bank

The over-arching requirement across the entire project was maximum availability of information. Time frames for changes to authorizations needed to be reduced.

To accomplish this, the bank set up an LDAP meta-directory on its open systems running on Sun Fire servers. A Sun Identity Manager adapter forwards the authorization information directly to RACF, the authorization system on the bank’s mainframe. Up until this point, there had been no solution available on the market that was capable of reading passwords encrypted with a DES3 algorithm in RACF. In order to make the host data usable by LDAP and Identity Manager, DWP Bank and Sun developed a custom solution that facilitates the exchange and comparison of identity information in two directions. This solution may be the only one of its kind worldwide.

Another unique feature is the software layer inserted between the applications and the authorization infrastructure. This includes a security API that determines, based on the specific structure of the data, which back end is relevant to the process in question. Plans were also made for newly created or modified authentications to have a maximum cross-system latency of 30 minutes. Authorization changes for systems that use the identity management system directly as a back end are effective immediately.

Since the bank’s customers use very different methods and systems, modifications are often made to authorizations. The Sun Identity Manager can accept these modifications both via the graphical user interface and via a file-managed route. As a result, customers don’t need to change their own authorization systems.

Now that the new system has proved itself on all levels, the bank believes that it is well equipped to cope with the load from additional clients. The system, which is designed to handle up to 200,000 users with excellent performance, is scalable and can rapidly be extended at any time.