Governance Controls Overview

TIBCO ActiveMatrix Policy Director Governance allows you to secure services using various types of security policies.

Each governance control is designed to perform an intended policy action such as authentication, authorization, confidentiality, integrity, credential mapping, or logging.

You can apply the policies to incoming messages received from service consumers and to the outgoing messages to service providers. The policies can be applied at the endpoints.

You require the following external resources to enforce a policy at run time:
  • Authentication service providers
  • Identity service providers
  • Trust service providers

Any of the above providers may be configured and shared among the policies as resource templates. A policy refers to a service provider as a resource instance.

For example, If you configure a resource instance named LdapAspRI, the same resource can be used for LDAP authentication as well as WSS authentication.

TIBCO ActiveMatrix Policy Director Governance provides the following types of policies:

Policy Types
Category Policy Applies To
Authentication
  • Basic
  • Username Token
  • SAML
  • SiteMinder
  • Kerberos (SPNEGO)
  • Service
Authorization
  • Role
  • Service
Confidentiality
  • Encrypt
  • Decrypt
  • Service
  • Reference
Integrity
  • Sign
  • Verify Signature
  • Service
  • Reference
Credential Mapping
  • Basic
  • Username Token
  • SAML
  • Reference
Audit
  • Logging
  • Service
  • Reference

Message Delivery

  • WS Reliable Messaging
  • WS Addressing
  • Service
  • Reference