
Agent Enablement

Insurance organizations have complex procedures associated with quoting, issuing and processing insurance policies to agents. These procedures touch multiple data repositories and applications, resulting in business processes that can span identity domains and organizations. The architecture team at a large insurer decided that a Service Oriented Architecture (SOA) offered the best combination of flexibility, reuse and reach in delivering insurance processes to remote agents and partner broker networks. However, exposing services to remote agents and broker networks introduced several identity and security challenges, foremost of which was the problem of taking a request for policy information coming in over the Web and making it relevant in a SOA / Web services environment.

The Business/Technical Challenge

The insurance company needed a secure and repeatable mechanism for exposing processes like policy quoting to remote agents coming in over browsers. This required an ability to take user log-in credentials and translate them into a message-level Web services security token that could be used for authentication and authorization decisions across distributed services. This was made hard by the need to map a user identity into a Web services security token and then perform the token and XML processing operations needed to make access decisions and satisfy security requirements. It was further complicated by the need to tie into existing federation and Single Sign-on (SSO) infrastructure so that access could be enforced consistently across Web and Web services resources.

Why Layer 7

Allowing agents access to SOA-based policy quotation services required complex XML processing and identity orchestration. Agents would make requests for policy information using browsers connected to the insurance company through the IVANs network. The insurance company would then need to translate these Web requests into Web services requests that could be used to generate dynamic policy quotes and URL links to the quoted policies. This interplay between the Web and Web services operations required an XML intermediary to map messages between the Web and Web services domains while orchestrating identity and security across three steps: a Web request (get a policy quote), a Web services response (dynamic policy quotes with Web links to associated policy information) and finally a Web Single Sign-on to the Web-hosted policy information. Layer 7 was selected because of its ability to manage these complex XML processing and identity operations between the Web and Web services domains through a simple policy definition language.

The Benefits of Layer 7

Using the SecureSpan XML Networking Gateway, the insurance company was able to extend its SOA-based business processes like “get quote” to field agents using browsers. Making this a reality required an XML gateway that could make Web services requests based on Web authentication credentials and then coordinate between an SSO and federation server to generate security tokens that could be used to access both Web services and Web servers. This was made possible by the SecureSpan XML Networking Gateway’s rich policy environment for defining how Web requests get handled in a Web services domain.