Modernising Access Control
Hazelcast Connects the Dots of Access Control
The ability to quickly and cost effectively deliver secure and trusted systems is vital for the majority of business today. B2C (business-to-consumer) and B2B (business-to-business) systems demand reliable and secure communications. One of the most important requirements for B2C business processes and their management is security –features that control access for customers, partners, operators and administrators. Similarly for B2B communications, systems should have the flexibility to deliver new functionality quickly without sacrificing security. At the same time these systems should be able to handle security checks for millions of transactions a second without impacting SLAs.
These concerns are multiplied by today’s multi-channel relationships with customers, access and security systems must be coherent across, mobile, tablet, desktop and customer service systems. Failure to modernize access control can lead to costly integration of systems at best and at worse, security breaches that could ruin not just a companies reputation but also land it in serious trouble with data protection agencies.
Many system contact points now rely on multi-factor authentication using trusted devices, such as a code sent to a customers mobile phone to authorize a transaction. The system features required to perform such a user interaction involve fault tolerant messaging and reliable data expiration. This can involve expensive wiring between many systems. The days of simple username and passwords are gone. Today’s businesses run on multiple computer systems, the ability for an IT department to deliver coherent security across all of these concerns is vital.
An in-memory data grid (IMDG) such as Hazelcast IMDG® provides the fundamental infrastructure required to bind these various security concerns into one place. Security tokens and authentication information must be made available at microsecond latency and be easily integrated into existing security systems and flows. The security data must be highly available but at the same time be itself secure from tampering. Hazelcast IMDG delivers microsecond speed for querying of security information, coupled with its easy scalability and high availability. And just as Internet facing systems can see huge spikes, so can the security systems that they use. Hazelcast® Enterprise is a hardened version of Hazelcast that comes with our Security Suite, which provides industry leading security: with end-to-end TLS encryption, mutual authentication with X509 certificates, and many other security features, making it ideal as the infrastructure for access control.
Why Most Data Stores Fall Short…
Why Hazelcast IMDG is Ideal…
|Most data stores are still reliant on disk for the bulk of their storage requirements, this results in slower query times. Security checks must be completed in micro to milliseconds so as not to slow down the system, while keeping it secure.||Hazelcast data storage is highly optimised and in-memory. Data can be retrieved in microseconds while handling hundreds of thousands of requests a second, all on commodity hardware.|
|Time based expiry of messages is very hard to achieve in data stores such as relational databases. Expiring temporary access tokens is a common feature of modern access control systems.||Hazelcast provides TTL (Time to Live) at an entry and data structure level. Additionally events can be generated and tied to listeners for notification.|
|Most data stores are complex and costly to scale according to demand. Many data stores cannot be installed to scale without operator intervention, this is an essential feature for systems that wish to operate cost effectively within on-demand cloud environments.||Scaling a solution built on Hazelcast is as easy as starting an extra process. Hazelcast takes care of the rest, distributing data and tasks fairly, while the system is still running.|
|NoSQL data stores often have missing security features.||Hazelcast Enterprise with Security Suite is hardened and has comprehensive security features.|
Customer Success Story
A global top ten retail bank is using Hazelcast IMDG to store trusted device tokens to enable customer banking transactions across its multi channel estate. Hazelcast high-availability clustering and reliable expiry policies have allowed delivery of this new service in record time.
A major retail bank in Spain uses Hazelcast IMDG to store session authentication tokens that allow a seamless transition of the session between customer multiple devices.
A leading managed care consortium in the United States is using Hazelcast IMDG to provide security over medical data to flag sensitive documents for possible HIPAA (Health Insurance Portability and Accountability Act) violations.
Products in this Use Case: