Keyless Entry for Covisint

Securant to manage user access for auto exchange

San Francisco  July 31, 2001  Automotive e-business exchange Covisint has selected Securant Technologies' ClearTrust SecureControl to provide the access management infrastructure that will control user access to its tools for product development, procurement and supply chain management. The ClearTrust solution will allow registered Covisint users to sign on once and then move between only the applications and resources they have been authorized to access  both within the Covisint site and across member sites.

Covisint will be using the ClearTrust SecureControl product as the access control component of its site, as well as the single sign-on engine it is creating for universal use across the automotive industry. Securant is working with Covisint to develop this engine, which will be based on the Security Assertion Markup Language (SAML) standard. SAML is currently under development within the OASIS standards group, and derives much of its original structure from a proposed Securant standard (AuthXML). The SAML standard will allow for transactions to occur securely between Covisint's trading partners and their disparate Wweb security systems, while delivering single sign-on convenience to Covisint customers.

"The security of our customer's data is of the highest priority and that made Securant the natural choice for two reasons. First, its ClearTrust SecureControl is designed for Web-based security and at its core Covisint provides Web-based exchange of information," said Dave Miller, Covisint's director of information security. "In addition, Covisint is a company that will need to grow to meet the needs of our customers' changing information connectivity needs. It was important that our security systems' provider be able to grow with us and develop custom security solutions needed to support those customers."

ClearTrust SecureControl gives Covisint a solution that centralizes access management and user management, and integrates with its existing systems and applications. It also creates a single point of control for setting, managing and enforcing security rules that govern user authentication, authorization and single sign-on for all of Covisint's applications and content.

This solution allows Covisint to provide single sign-on across multiple domains for easier user navigation between Covisint resources even if certain applications and data reside on separate Web sites; centralize, automate and dynamically adjust, without human intervention, access control permissions and authorization of transactions based on changing information in a user's profile; delegate user administration tasks to member companies; use authentication technologies to provide higher levels of security for more sensitive resources and transactions; proactively detect and take countermeasures to prevent fraud and security threats by monitoring user behavior within an application for violations of business rules; and track, audit and report on all user, administrator and API activity that takes place within its applications.

"Covisint is an expansive exchange designed to support one of the world's most capital-intensive industries and, in the process, has created a very challenging security environment to manage," said Eric Olden, chief technology officer, Securant Technologies. "By using ClearTrust SecureControl, Covisint will be able to securely bring new applications online faster and slash security administration costs, with the confidence of knowing that its security infrastructure can scale to support increasing user populations and transactions levels."

 For more on Covisint, read the cover story in the October issue of iSource Business. Click here if you'd like to sign up for a free subscription.