Project: AEMS - Active Entitlement Management System, unifying and optimizing access to all information in an enterprise network.

Identity & Access Management is one of the fastest growing markets in the information security world. As the amount of data and numbers of users and transactions skyrockets, it is becoming increasingly important to regulate who has access to which resources and can perform what actions. Entitlement Management systems attempt to do just that._x000D__x000D_Currently, more than 90% of enterprises use basic Access Management solutions, through which each service (ERP, networking, mail, and storage) manages its own user and privilege database. With thousands of users and dozens of services, managing access and privileges efficiently is nearly impossible. Thousands of unused accounts, wasting enterprise resources, costing licensing fees and creating ever expanding security breaches are common in almost all large organizations. Entitlement Management centralizes all access rights and allows enforcement of policies that span the entire enterprise, not just a single service. The outcome is a meaningful saving of management labor, higher security and It management efficiency._x000D__x000D_Regulatory requirements such as GLBA, HIPAA, Sarbanes-Oxley, as well as the EU Data Protection Directive are forcing organization to transition to entitlement management. Forrester estimates the Identity and Access Management markets to exceed $12.3B in 2014 (software + service) while Global Industry Analysts Inc. estimate the market size for software alone to exceed $4.9B in 2012._x000D__x000D_The integration of the Internet is another driver from access control to entitlement management. The ability to quickly define broad policies is the only way to efficiently allow mass access to information and services online without compromising security. _x000D__x000D_The problem facing organizations that plan to transition from access management to entitlement management solutions is that porting a patchwork of tens or hundreds of thousands of access privilege configurations, all defined over years; in different formats into a centralized system are a Herculean task, costing hundreds of thousands of dollars and taking many months to implement. Attempts were made in recent years to develop automated solutions for the task, but all those could do is at best replicate the same inefficient set of privileges in a centralized system. _x000D__x000D_AEMS (Active Entitlement Management System) is a solution using a completely new approach to transitioning from access management and continuously COtaining it at top efficiency. Instead of trying to mimic legacy system, AEMS uses a learning period to run in the background and tracks each user’s access patterns. After the learning phase is complete, AEMS reconstructs a new entitlement structure, optimized for each user’s actual needs and use of enterprise services. _x000D__x000D_• Unified Access Management System – A unified, standards based access management system that combines access management (network, mail, ERP etc.) into a centralized and policy-based solution. _x000D__x000D_• Entitlement Unification Engine – Automates the transitioning from multiple access control systems into one unified entitlement solution allowing _x000D__x000D_• Automatic Entitlement Optimizer – Actively monitors all transactions taking place in the enterprise and eliminates unused accounts and privileges._x000D__x000D_• Transaction Anomaly Monitor - Actively monitors all transactions taking place in the enterprise and provides alerts when irregular transactions occur, allowing the system to detect and block malicious activity._x000D__x000D_AEMS is the result of cooperation between Axiomatics, a leading entitlement management solution developer from Sweden and Whitebox Security, an Israeli developer of activity monitoring & Identity Intelligence solutions. The companies have recently signed a joint development and marketing agreement._x000D__x000D_Axiomatic policy based Entitlement solution allows large organizations such as PayPal, Bell Helicopter, British Telecom and some of the largest financial institutions in America to quickly launch new online services and manage access privileges of hundreds of millions of users. _x000D__x000D_Whitebox’s WhiteOPS™ transaction tracking and identity intelligence technology has been selected by HP as of the top cloud security technologies of 2010, and is a key component in their enterprise IT solution portfolio. _x000D__x000D_AEMS is designed to answer the needs of medium and large organizations. A typical installation can cost anywhere from $250,000 - $500,000 with recurring annual costs running at approx 25% of the base year cost. AEMS will be sold in the US, European and Asian markets through Axiomatics’ and Whitebox’s distribution channels. _x000D__x000D_The development of the AEMS will last 27 months and cost €1.8M. The product is expected to yield sales of nearly €40M over a period of 5 years from the date of its completion.

Acronym AEMS (Reference Number: 6032)
Duration 01/11/2010 - 31/10/2012
Project Topic AEMS combines and replaces all access management solutions in an enterprise network. AEMS automatically optimizes user access to information systems, reducing resource waste and eliminate security risks. AEMS detects anomalous transactions, generates warnings and blocks illegal activity.
Project Results
(after finalisation)
Whitebox Security completed the project completely meeting it's goals. From R&D perspective the project contributed grealty for Whitebox Security's technology and products. Furthermore, the collaboration with Axiomatics helped Whitebox Security gain better market understanding that contributed Whitebox Security's GTM plans as well as product positioning and strategy. _x000D_1) All internal technology milestones were completed as expected._x000D_2) Not all external/collborative technology milestones were completed, we still plan to complete theses in the near future._x000D_3) Few additional, unplanned, technology milestones were added and completed. _x000D_4) Preliminary GTM plans for the technology/product were constructed.
Network Eurostars
Call Eurostars Cut-Off 5

Project partner

Number Name Role Country
2 Axiomatics AB Coordinator Sweden
2 Whitebox Security ltd. Partner Israel