Services Customers Investors Contact
OpenPMF 2.0 Model Driven Security Management
OpenPMF 2.0 Model Driven Security Management
OpenPMF 2.0 Model Driven Security Management
Products  OpenPMF™ - Making Security Policy Manageable Through Automation
OpenPMFOther Products

Want to see it in action? EXPLAINER DEMO

Difficulties managing fine-grained authorization, attribute-based access control (ABAC), OASIS XACML etc?
Are rules too complex, and your IT landscape is ever-changing? OpenPMF can help you!

OpenPMF Model-Driven Security Policy Automation is a software product that turns human-manageable security policies automatically into the matching preventive technical security (esp. access) enforcement implementation and proactive detection/monitoring implementation. It also generates evidence for accreditation/compliance, remediation and forensics automatically. OpenPMF (Open Policy Management Framework) reduces cost, improves security, and speeds up accreditation/compliance. OpenPMF supports today's agile, complex policies & IT landscapes (SOA, IoT, PbD, PaaS...). OpenPMF uses semantics-based approaches to make security more manageable (model-driven security, MDS, & ontologies). OpenPMF is standards-based (Ecore/MOF, XMI, XACML, ABAC OWL/RDF/SPARQL...). OpenPMF is very well suited to implement guidance/regulations (NIST 800-53, ...)

OpenPMF™ Model-Driven Security Policy Automation
helps you turn human-manageable security policies automatically into the matching technical implementation
helps you generate accreditation/compliance evidence automatically
helps you reduce cost, improve security, speed up accreditation/compliance
helps you support security for today's agile, interconnected applications, including Service-Oriented Architecture (SOA), Internet of Things (IoT), privacy by design (PbD), and cloud platforms (PaaS).
uses model-driven security (MDS) - a unique, patent-pending technology - to simplify policy management more than other approaches (e.g. visual/linguistic)
includes a model-driven policy authoring tool, a model-driven rule generation tool, an attribute-based authorization policy server, and policy decision/enforcement points.
is standards-based (incl. Ecore/MOF, XMI, XACML, attribute-based access control - ABAC).
is very well suited to implement guidance/regulations (NIST 800-53, ...)
OpenPMF allows you to:
1. Capture human-intuitive, general, expressive security policies in models (ontology-based)
2. Generate corresponding technical enforcement automatically (ABAC etc.)
3. Enforce your policies automatically across your IT systems
4. Monitor security incidents automatically
5. Maintain correct enforcement automatically for agile interconnected systems
6. Verify and document compliance with compliance policy models easily
OpenPMF Out-of-the-Box Supported Technologies:

OpenPMF is customizable for your particular business and IT landscape. We currently offer pre-developed integration and support for the following technologies:

XACML Authorization Management
Eclipse IDE & modeling framework
Eclipse OM2M Internet of Things Services Platform

BPMN business processes: Intalio BPMS
SOA web app server: BEA Weblogic
, Glassfish, Axis2/Tomcat
Data Distribution Service: RTI DDS, incl. NDDS 5.1.1 / DDS Security
CORBA Components: Qedo CCM
Message-oriented mdiddleware: XMLBlaster
Fraunhofer FOKUS AD4 CCM MDA toolchain
Firewalls: IIOP ObjectWall ('network PEP')
Promia Raven NIDS
Public Key Infrastructure (PKI): X.509
Privilege Management (PMI): OMG ATLAS
Directory Services: LDAP
Databases: Secerno (under dev.)
Databases: PostgreSQL (under dev.)

Other technologies: supported on demand

More Information & Contact:




Copyright (c) 2000-2015 ObjectSecurity - all rights reserved
OpenPMF is protected by US Patents 8,856,863, 9,043,861 etc.
copyright & terms of use -site map overview - webmaster