RadiantOne ICS is a critical component for organizations using a variety of different directories and other data repositories, such as databases and web services. ICS makes it possible to synchronize user accounts and attributes (including passwords) in all of those systems, saving a tremendous amount of time and money that is currently spent on keeping data consistent and enforcing data ownership rules.
ICS radically simplifies the complicated synchronization process between disparate data repositories with the help of built-in wizards and script templates. Out-of-the-box connectors for LDAP, JDBC, XML and web services allow ICS to connect to over 25 different directories, databases, applications and web services, as well as any source with a Java API. Using a comprehensive GUI, based on the popular Eclipse IDE, ICS provides a step-by-step implementation process to establish relationships and to set up transformation scripts.
Connectors track all events involving an object (for publishing to subscribing objects). The connectors can also modify the states of objects (attributes, identities) for updates, inserts, and deletes. The synchronization flow (between publishing objects and subscribing objects) is grouped and depicted in a topology. Connectors transfer data via XML messaging within the RadiantOne virtualized environment. This allows messages to move uni- or bi-directionally between heterogeneous data sources, facilitating enterprise-wide integration of identity information.
The logic applied to source data (from the publishing object) before it is sent to a destination (subscribing object) is known as a transformation script.
ICS’s built-in wizards and script templates automatically generate the necessary scripts to map to data sources, customize behavior (such as the concatenation of data fields or parsing of attributes), and support the necessary logic for almost any organization.
Topologies define data flow and event detection of objects. These topologies are easily designed within the ICS Console. ICS supports a variety of topology patterns to meet different synchronization needs:
- Data Store Replication (Point-to-Point)
- One-to-many Synchronization (Publisher/Subscriber)
- Web Services to Directories and/or Databases
- Identity Aggregation and Correlation (VIH) Synchronization
Fig 1. Examples of possible synchronization topologies.
Point-to-Point and Publisher/Subscriber Topology – Traditional Point-to-Point and Publisher/Subscriber topologies are supported, with granularity ranging from synchronization of selected object attributes (for identity synchronization) to full data store replication (for fail-over, fail-safe, or load balancing).
These topologies are used when a common unique identifier exists for all connected identity profiles. If such an identifier does not exist, the VIH topology would be used to establish one, so that identity data can be properly provisioned.
VIH Topology – This hub-and-spoke topology is used to aggregate and establish correlations between data repositories. Multiple data stores of the same identities are connected centrally to the Virtual Identity Hub (VIH) where identity profiles are indexed. ICS establishes intersections, unions, and orphaned accounts (or rogue identities) based on custom business logic defined in the ICS topology design.
Once a common key is established between all connected sources, synchronization is seamless. User profile views can now be extended for use by the VDS or other applications.
Fig 2. Possible VIH Topology deployment for identity correlation and synchronization.