Enforcement Foundry Vision

Our goal was to create a fully compliant ANSI RBAC management and enforcement system, built on existing open-source applications, that is both simple to implement and cost-effective to maintain.

Below is an image of the infrastructure that makes up the Enforcement Foundry stack. The lists that follow serve as its legend.

[Image: Enforcement Foundry Vision]

Fortress Server

Refer to the numbers in blue.

1. Java Servlet container for hosting IAM components
2. RBAC APIs used by items following
3. UI for IdM and RBAC policy admin
4. UI for OpenLDAP management and configuration
5. RESTful policy server for RBAC services
6. WS-Trust B2B SSO (roadmap)
7. SAML 2.0 B2C SSO (roadmap)
8. LDAPv3 client
9. JDBC client
10. Sentry plug-in

OpenLDAP Server

Refer to the numbers in red.

1. Slapd daemon provides LDAPv3 protocols
2. Lightning Memory-mapped Database (LMDB) and multi-tenant data model
3. Short-term audit trail and history using slapo access log overlay
4. Password policies using pwpolicy overlay
5. Virtual Directory (BackSQL) integration with fine-grained entitlement DBs
6. Virtual Directory caching using slapo cache overlay
7. Integration with other LDAP servers (AD, ApacheDS, more)
8. RBAC Policy Decision Point using slapo rbac overlay

MySQL Server

Refer to the numbers in yellow.

1. Long-term audit storage and retrieval (roadmap)