miSite allows banks to apply enhanced security protocols and procedures to any system within the bank or planned system to be deployed. This centralized security control system is fundamentally concerned with two things, users and data. Rather than the typical J2EE application, an SOA service and data store deployment is used in many companies where an application has users who can perform any operation on any data that the application owns, and the application is responsible for security.
Instead, miSite uses a model whereby the authentication of a user is not part of the application (users exist separately) and the application is simply a collection of services that access and manipulate data on behalf of an authenticated user. Furthermore, the application has no rights whatsoever within the data store. While applications can discover the rights of the current authenticated user they are not expected to enforce security.
Accordingly, the miSite module ensures a complete separation between the development and maintenance of an application and security requirements of the institution. The application enables the ability to impose, by injection and interposition, both application and data security on applications. This total separation allows the implementation of the security policies to follow the laws and organizational practices as they change from time to time without having to resort to application redevelopment.