Case Study dwpbank
The Client
The Deutsche Wertpapier Service Bank AG (dwpbank) renders services as transaction bank for its clients, the customer banks, in the field of handling bonds.
Among the clients of the dwpbank are almost all mutual savings banks, the majority of savings banks, but also Postbank and private banks such as Dresdner Bank. Thus, the dwpbank is both with regard to the number of managed bond accounts and the transaction volume by far the market leader in Germany among the bond transaction banks.
Besides the successful attraction of new customers the dwpbank gained the role of market leader also by numerous mergers and take-overs. The last action of this kind was the acquisition of the TxB Bank by which the dwpbank took over the business of handling bonds of the North German and Bavarian savings banks.
With about 2.000 employees the dwpbank uses its IT-systems to attend to numerous clients with several 100.000 users throughout Germany.
Due to the facts mentioned above, the dwpbank has a permanently high need of consolidation concerning its information technology and its own organisation.
The Challenge
The permanent growth confronted the dwpbank with the task to simulatniously operate several handling systems with all containing identities. In addition the consistent administration of the digital identities of different users on the clients' side in their various roles became a real challenge.
Especially the authorization system RACF used on the host so far turned out to be tremendously time-consuming, accompanied by the latent possibility of errors creeping in the user administration.
Already in 2004, the search for options to achieve a significant increase in efficiency and security by the introduction of an Identity Management (IdM) based on software began.
The Solution
Resulting from the challenges described above, the dwpbank evaluted the Sun technology „Sun java Enterprise System" consisting of the components Directory Server, Identity Manager and Application Server on the basis of Sun Solaris.
On this platform the construction of a new centralized IdM-platform for the dwpbank began:
- installation of a LDAP-Meta-Directory on the IdM-Plattform
- authorisation information is forwarded directly to the RACF-system of the host via an adequately ready-made adapter from the IdM-System
- For the readout of DES3-algorythm encoded passwords, an individual solution had to be developed due to the lack of standard software on the market
- Thus, exchange and comparison of identity data into both directions was enabled.
This IdM-solution was integrated into a high availability platform on the basis of Sun servers and an Oracle data base. In addition, a Single-Sign-On solution was integrated, increasing usability.
The result
The solution described was introduced in phases between 2005 and 2006 and forms the basis of the dwpbank's entire identity management ever since.
Even now the IdM solution of Xionet/Sun supports more than 100.000 users at the clients' of the dwpbank.
Basically this involves users of WP2, the target system for the entire consolidation of the handling systems within the dwpbank. The consolidation is currently completed for the larger part of the savings banks' customers, Dresdner Bank, Postbank, and additional private banks.
The current task is the consolidation of cooperative bank clients and the remaining savings banks within the customer base of the TxB Bank.
The importance of the IdM solution of Xionet/Sun for the Identity Management of the dwpbank will continue to grow. The goal is to administer around 200.000 user accounts with this solution.
