STA’s Application Security Architecture (ASA) provides a framework and large set of services to enforce consistent role-based and permission-based rules in a way that an application developer, who typically does not have the time nor the training to consider security, would not have to.
An enterprise’s data, in all forms, formats and locations, is the life force of the organization—protecting it is vital to a company’s success and reputation. With the variety of technologies in use today, including mobile computing, security has never been more important.
STA Group’s Security Consulting services focus on risk management and compliance. We help you understand and balance the need for access to your information with the requirement that it be kept safe and secure, no matter the mode of access. We can help you test your existing security, identify and close potential vulnerabilities as well as implement a comprehensive plan for managing security on an ongoing basis.
Using our Application Security Architecture (ASA), we can help you build your J2EE application with security at every level, including your business domain objects. ASA is a Role-Based-Access-Control framework that extends the traditional RBAC model to include Permission based access control with real-time contextual rule evaluation. This allows you to protect your business domain objects with fine-grain authorizations, not just role-based URL end-points.
ASA provides a full feature administration console to manage and configure all aspects of your security model. It also provides Spring Security integration components to seamlessly integrate with Spring Security and your Spring-based application. You can apply your ASA fine-grain authorizations to existing code with minimal impact.
STA’s Application Security Architecture provides solid security policy enforcement, combined with precise access decision capabilities, and flexible policy maintenance:
