Amid of barrage of more than 25 product announcements this week, IBM's Tivoli unit announced a handful of products aimed at the security market, including new privacy and identity management tools along with an access control service hosted by VeriSign.

IBM Tivoli Privacy Manager is intended to help companies automate enforcement of their privacy policies. While most companies write policies that lay out how they will use data collected from customers, there is often a disconnect between the policy and how customer data is handled in practice, says Arvind Krishna, vice president of IBM security products.

IBM's software helps express privacy policies in a machine readable, XML-based format. As customers submit data via a Web site, attached metadata can describe what policy applies. An access enforcement engine then ensures that all access to the data is consistent with the attached policy, Krishna says. For example, perhaps only shipping clerks can have access to customer address data.

In the identity space, IBM announced IBM Tivoli Identity Manager 4.3, based on its recent acquisition of Acess360. Identity Manager integrates with more than 70 different products -- including Web servers, operating systems, and packaged applications including Siebel, SAP and PeopleSoft, providing identity management across all of them. It helps users manage their own passwords, for example, easing the burden on help desks that often get bogged down helping users reset passwords.

Krishna says the IBM version is essentially identical to the previous Access360 product, but has been integrated with additional IBM products, such as its mainframes and RACF security tool.

IBM also announced that VeriSign will use the IBM Tivoli Access Manager to host its VeriSign Access Management Service, a managed service for access control and authentication. Access Manager provides single sign-on services across various enterprise resources, Krishna says. The VeriSign service will do the same for companies that prefer to outsource such services.