Access++
The Access++ is a product from Choudhary Associates that combines a host of information assurance concepts and technologies in to one easy to deploy product. It combines authentication, continued authentication, role based authorization, monitoring, and access control.
Access++ derives from the research at Choudhary Associates that introduces a new technology, namely a computable compound identity (CCI). Choudhary Associates have implemented their CCI technology in their Access++ product. It generalizes the concept of user identity and also includes Situation Awareness information. It is compounded from user attributes and situation awareness characterizations. Each attribute and characterization represents the security policies and the intent behind them.
The CCI resides on the policy server, versus on a smartcard or a mobile device, and can be flexibly modified in a way that is transparent to the user. In the event the user credentials or device are lost, stolen, or otherwise compromised, the CCI can appropriately modify the Access++ process in response to that. The product is thus flexible, evolvable, and user friendly.
The product achieves its functional objectives by integrating the CCI with the Policy Management developed in collaboration with Army Research Lab and International Technology Alliance. Successful accomplishment of this integration was a crucial milestone.
The product has enabled significant additional advantages over the current practices:
- Access++ has reduced reliance on passwords and also has made authentication user friendly;
- Access++ has incorporated Situation Awareness so that a valid userid/password can be refused authentication in a situation where a "cyber threat condition index" has worsened in the "common operations picture". In such a scenario, Access++ can optionally grant authentication but in reality send the user to a honey net. The authentication decision is therefore no longer limited to a binary yes and no;
- Access++ has enhanced the capabilities based on the multifactor authentication alone by enveloping the existing schemes within a CCI based additional access control dynamics.
Access++ has provided the hitherto missing link
in implementing a RAdAC (Risk Adapted Access Control) type capability. Therefore, it s potentially
of seminal significance towards the era of smart enterprises.
