|
Only RadiantOne Identity integration allows you to compose views of users and resources across directory, database, web service, and application silos--all while maintaining the high performance required for security and IAM initiatives. With RadiantOne, you can meet the requirements of all your IDM initiatives while avoiding costly and time-consuming deployments that involve custom coding and heavy synchronization requirements.
RadiantOne VDS Context Edition creates a virtualization layer that enables enterprises to integrate high volumes of identity, and publish multiple contextual views across heterogeneous data sources with guaranteed performance and availability. VDS Context Edition features all the capabilities found in Proxy Edition, plus additional tools that enable complete identity data integration based on your business requirements, not based on your existing infrastructure.
VDS Context Edition offers both proxy and data modeling tools to integrate user profiles from heterogeneous data sources, while preserving the object relationships and context of each source. When the data structures of existing identity stores are not sufficient, you need additional tools to represent these identities, relationships, and semantic relationships in new views and new contexts as required.
The key capabilities that enable this functionality are:
- Data Model: Understanding the links between objects within existing systems, and linking them across other systems, to form a global data model that can be used to build new representations of data
- Join: Extend profiles to include information in other distributed and/or heterogeneous data silos
- Persistent Cache: Guarantee performance and provide high scalability of data modeled views
- Context Representation : Provide multiple contextual representations of existing systems and semantic understanding in a way both end-users and automated systems can understand.
RadiantOne VDS Context Edition creates an object-oriented data model from existing sources. Using the GUI tools within the Context Builder utility, you can integrate data across heterogeneous sources by extracting the metadata, exposing existing relationships, and representing the data structure into a common data model. This enables you to link information across data silos and publish hierarchies based on your system requirements, not on existing data structure.
 VIDEO: Product Demo - Redesigning Directory Information Tree (DIT) structures
VIDEO: Product Demo - Creating Hierarchical Views from RDBMS sources
VIDEO: Product Demo - Creating Hierarchical Views from Heterogeneous sources
RadiantOne VDS Context Edition includes a powerful join engine that can build user profiles
with attributes coming from multiple data sources.
Features of the RadiantOne VDS Join Engine:
- Easy to use wizard-based configuration
- Multiple options for handling overlapping attributes, where the same attributes exist in more
than one source
- Complete search and update capability for all attributes in the user profile, regardless
of the backend data source origin.
- Built-in round-robin credential checking for all sources the user is identified in.
Types of Join:
- Classic: Extend user profiles with existing attributes existing
in multiple data sources. The two options in this join type are:
- Left Join: Return all entries from the main source with their profiles
extended, when possible, from a joined source.
- Inner join: Return only the intersection of entries. Entries from the main
source that do not have a matching entry to join with will not be returned in the result.
- Extended: Extend user profiles with new attributes that do not currently exist such as:
- Shadow Attributes created by or for applications, which will be stored in the
VDS local store.
- Computed attributes, which are created dynamically from other existing
attributes.
VIDEO: Product Demo - Join from a Database
VIDEO: Product Demo - Join from Heterogeneous Sources
Join can be particularly useful in solving authorization issues, where a complete profile of a user
is essential for accurate entitlement and policy enforcement.
For example, you can join base attributes such as username and email address from an LDAP
directory with HR attributes retrieved from a database:
For more information about RadiantOne VDS Join Capabilities, click here.
RadiantOne's caching technology provides the guaranteed performance and availability demanded by IdM applications —regardless of the performance of the underlying sources. Under the load of complex joins, even the fastest sources can become too slow for identity and security applications. So VDS Context Edition offers a choice of caching options that can be deployed when higher performance is required.
Persistent cache offers you a way to render and persist data modeled views (materialized hierarchical views) to give you the highest level of performance available in the industry, equal to any LDAP v3 compliant server. Query performance is no longer constrained by complex joins and searches across multiple data sources.
Persistent Cache offers:
- The highest response and query speeds, equal to standard v3 LDAP Directory Servers.
- Scalability across multiple servers and VDS instances.
- Faster recovery from server failure, since there is no re-build of the cache.
- Lower loads on backed sources.
- Incremental real-time updates of the cache image by detecting changes in the backend sources.
- Guaranteed delivery of cache updates leveraging an enterprise service bus (ESB).
VDS Context Edition’s event-driven cache refresh technology means low latency and near-real-time cache updates. Connectors monitor changes at the sources level and send incremental updates to the cache image as needed. This lowers load on backend sources, and enables faster access rates at the VDS level.
Since VDS Context Edition understands and manages object relationships, it propagates the right event to the right contextual view. Updates through VDS are routed to the appropriate backend source(s) and when the update is validated, the cache is then updated to always reflect the reality of the backend source only. This differs significantly from other traditional synchronization solutions, which are designed around a point to point or hub and spoke pattern. RadiantOne cache refresh leverages ESB/JMS to guarantee delivery of updates, and only when updates are delivered, verified, and processed, is the change made to the persistent cache.
Only RadiantOne Virtual Directory Server Context Edition offers the ability to build new contexts and new data structure out of existing data silos. Having this flexibility over data representation with RadiantOne's exclusive and advanced metadata management is the key to context management for today, and for the future of IdM.
Within applications, logic and context are explicit. Once you begin to use application-specific data outside its silo, however, integrating it with other information, you need a way to preserve and understand the contextual relationships between data points, and also discover new semantic relationships across silos.
RadiantOne offers a unique way to represent integrated identity information across silos, and publish it in different contextual views for different requirements. The specialized context management tools of RadiantOne VDS Context Edition allow administrators to understand existing schema and data relationships, building new views of the data as needed. These hierarchical views make it possible to securely manage the context of your data, integrated from heterogeneous data silos.
These virtualized views can be accessed as LDAP directory views, SQL database tables, or called as web services. This valuable semantic layer can be used in even the most complex environments, without disruption to existing systems.
VDS’s patented technology supports a semantic tagging which translates your data into English sentences. Identities and their relationships to resources are translated into their respective contexts. The end result? Data becomes information that can be fully interpreted at the business level. This unique capability is a key enabler to a comprehensive deployment of security and authorization policy.
Back to top ^ |
