Services Customers/Partners Contact/About
OpenPMF 2.0 Model Driven Security Management
Products  OpenPMF™ - Making Application Security Manageable Through Automation
OpenPMFOther Products

Difficulties managing fine-grained authorization, attribute-based access control (ABAC), OASIS XACML etc? Are rules too complex, and your IT landscape is ever-changing? OpenPMF can help you!

OpenPMF™ Model-Driven Security Policy Automation: OpenPMF automates the process of turning human-manageable security requirements into the matching technical security policy implementation and accreditation/compliance evidence. OpenPMF is key to reducing cost, improving security & accreditation/compliance, and supporting security for today's agile, interconnected applications (e.g. SOA/cloud/IoT).
OpenPMF uses model-driven security (MDS) - a unique, patent-pending technology - to simplify policy management more than other approaches (e.g. visual/linguistic) can. MDS lets you:
Capture security policies in the intuitive/generic way you want, using model-driven security
Generate corresponding technical enforcement automatically, e.g. attribute-based access control (ABAC) rules, PDL, XACML.
Enforce your policies automatically across your IT systems
Monitor security incidents automatically
Maintain correct enforcement automatically for today's dynamically changing, interconnected applications (e.g.SOAs/Cloud based)
Analyze and document automatically that the security implementation meets compliance/accreditation requirements.
OpenPMF™ includes a model-driven policy authoring tool, a model-driven rule generation tool, an attribute-based authorization policy server, and policy decision/enforcement points. OpenPMF is standards-based (incl. Ecore/MOF, XMI, XACML, ABAC).


Click to open the all-in-one poster (PDF):

(watch as JPEG image instead )

Watch OpenPMF in action as part of a U.S. Navy demo deliverable:

(watch on YouTube instead )



OpenPMF Out-of-the-Box Supported Technologies:


The OpenPMF Solution is customizable for your particular business and IT landscape. We currently offer pre-developed integration and support for the following technologies:

XACML Authorization Management
Eclipse IDE & modeling framework
BPMN business processes: Intalio BPMS
SOA web app server: BEA Weblogic
, Glassfish, Axis2/Tomcat
Data Distribution Service: RTI DDS
CORBA Components: Qedo CCM
Message-oriented mdiddleware: XMLBlaster
Fraunhofer FOKUS AD4 CCM MDA toolchain
Firewalls: IIOP ObjectWall ('network PEP')
Promia Raven NIDS
Public Key Infrastructure (PKI): X.509
Privilege Management (PMI): OMG ATLAS
Directory Services: LDAP
Databases: Secerno (under dev.)
Databases: PostgreSQL (under dev.)

Other technologies: supported on demand


The OpenPMF Product integrates out-of-the-box with Intalio BPMS and one of the application servers supported by Intalio. :

Intalio BPMS / Eclipse





Copyright (c) 2000-2014 ObjectSecurity - all rights reserved
copyright & terms of use -site map overview - webmaster