ObjectSecurity

OpenPMF “model-driven security” policy automation turns intuitive security policies into the matching technical implementation (e.g. ABAC).

ABOUT OBJECTSECURITY ObjectSecurity is an information security specialist company with a highly innovative technology portfolio and a strong consulting, R&D, services track record. ObjectSecurity was founded in 2000 by leading information security experts and has offices in the U.S. (San Diego & Silicon Valley) and Europe. ObjectSecurity has received numerous awards, including 'Cool Vendor 2008' by Gartner. ObjectSecurity's customer list mostly includes governments and larger enterprises, with some contracts in the US$ millions. ObjectSecurity has always been revenue funded and profitable. PRODUCTS OpenPMF Model-Driven Security Policy Automation: OpenPMF automates the process of turning human-manageable security requirements into the matching technical security policy implementation and accreditation/compliance evidence. OpenPMF is key to reducing cost, improving security & accreditation/compliance, and supporting security for today's agile, interconnected applications (e.g. SOA/cloud/IoT). OpenPMF uses model-driven security (MDS) - a unique, patent-pending technology - to simplify policy management more than other approaches (e.g. visual/linguistic) can. MDS lets you: - Capture security policies in the intuitive/generic way you want, using model-driven security - Generate corresponding technical enforcement automatically, e.g. attribute-based access control (ABAC) rules, PDL, XACML. - Enforce your policies automatically across your IT systems - Monitor security incidents automatically - Maintain correct enforcement automatically for today's dynamically changing, interconnected applications (e.g.SOAs/Cloud based) - Analyze and document automatically that the security implementation meets compliance/accreditation requirements. OpenPMF includes a model-driven policy authoring tool, a model-driven rule generation tool, an attribute-based authorization policy server, and policy decision/enforcement points. OpenPMF is standards-based (incl. Ecore/MOF, XMI, XACML, ABAC). SERVICES ObjectSecurity’s services range from high-level tasks such as security architecture and analysis, assessment and testing, as well as policy, down to the implementation of security technologies. In particular: leading consulting, R&D, and services related to information security, esp. related to security policy management and implementation (incl. “model-driven security”), access control, cloud security, SOA security, middleware security. Additional consulting projects include being cyber security technical expert witness. Projects span numerous mission-critical industries (incl. government, aerospace, defense, manufacturing, finance, telecom, and more). ObjectSecurity’s highly experienced and qualified security experts hold advanced degrees (PhDs/Master’s) in information security, each have over 15 years of experience in the field, and are renowned visionaries in the area of “model-driven security” and cloud security.