melfi Security Solutions

melfi — Distributed user administration made secure The Cathedral of Melfi (Italy) Securely signed, sealed, delivered — For your peace of mind.

Task to be solved

Imagine a distributed organization or a company with an array of different locations or sites: many business processes are transacted with other organizations (vendors, customers). In so doing, a wide variety of different systems are used on either side. Back-office employees and external users and applications require dedicated access rights and a universal identification.

Uniform, secure user rights administration providing for full reconstructibility is key when it comes to effectiveness, cost vs. benefit, and the protection of sensitive business data.

Sound user administration is dependent not only on a reliable technology, e.g. employing strong encryption to protect individual administrative processes, but also on taking the human factor into account: the personal relationship of trust between the administrator and the system user is an essential security element in issuing access rights. In a highly distributed organization, an interrupted chain of relationships based on trust has to be established throughout the enterprise. This aspect in particular is instrumentally supported by melfi’s design.
In so doing, all administrative processes have to provide for complete reconstructibility, a key prerequisite to be satisfied by processes in large listed corporations (cf. IFRS, Sarbanes-Oxley Act).

This results in the following requirements:

  • Distributed administration of users and rights
  • Maximum security provided by encryption
  • Support of personal relationships of trust between users and the local administrator
  • End-to-end traceability providing uncontroverted proof of the granting or revocation of access rights
  • Easy integration in any application
  • Global deployment
    • across individual sites within the enterprise or beyond the enterprise itself
    • for individual applications, or for groups of applications


melfi provides the ideal security solution for all cases whether complex or simple: persons and systems/programs alike are identified via the digital certificates of a public key infrastructure (see RFC 5280).
Access and administrator rights are modeled by attribute certificates (see RFC 5755).

melfi functions like an electronic notary: a set of rules is defined and monitored by melfi for one or more applications operated in a network. These rules determine the conditions under which someone may issue rights to someone else or revoke them. In so doing, the security policy is precision-modeled by a uniform set of rules.


melfi consists of a number of Java-based components that can be integrated with existing applications without any programming effort. Thanks to proprietary expansion components these modules can also be adapted to the special requirements of an organization or the target applications requiring protection.

Advantages to you

melfi is a must whenever the central, secure, uniform administration of users is not possible or practical for organizational or other reasons.

The key features of melfi:

  • Universal user and rights management
  • Enables the delegated administration of complex organizations
  • Can be used on all applications throughout the network
  • Secure processes and user data ensured by digital signatures
  • Provable processes evidenced by end-to-end audit trail
  • Multi-tenant capability
  • Integration in any environment made easy

Have we piqued your interest?

Please don’t hesitate to contact us for more information on melfi.

Markus Wagner

Markus Wagner
Head of Security Solutions

Telefon: +49 (6897) 935-175
Telefax: +49 (6897) 935-100

Contact me for your security needs.