IAM for Swisscom Extranet

New identity and access management infrastructure and user management application

Swisscom’s Extranet for corporate customers now has a new IAM infrastructure, incl. nevisIDM. In addition, AdNovum implemented an application enabling rights management by the customer.

With the project „Generation Change Extranet“ („Generationenwechsel Extranet“), Swisscom replaced their user management and meta data management eServices in the Extranet for corporate customers. The new IAM infrastructure is based on AdNovum’s security framework Nevis. In addition to nevisProxy and nevisAuth, it now also includes the component nevisIDM. The new infrastructure provides both enhanced stability for the Customer Extranet and further extendibility for future business requirements.

At the same time, AdNovum implemented a new graphical user interface (GUI) for the user management. Based on a multi-level hierarchical role concept and the respective rights profiles, responsibilities and rights are assigned to employees of Swisscom and individual corporate customers. The customer defines a person (master user) who is responsible for the administration and assignment of rights and contracts and who is authorized to assign administration rights to additional persons (delegates).


  • Central access management
    • Authentication, authorization, Web Application Firewall
  • Identity management directly in the IDM system during the entire lifecycle
    • Create, modify, delete companies and users
    • Create and modify contracts. Delegate contract rights
    • Create, modify and delegate rights
    • Assignment of administration rights by master user to additional users at the customer’s (delegation of rights)
    • Automatic delegation of rights to all users of an OU
    • Mass mutation of all objects via Excel upload (users, companies, contracts, rights, assignment of rights and contracts to users)
  • Auditing and Reporting:
    • Recording and displaying of actions in the GUI
      (all actions or filtered by customer, period, type of action [create, modify, …] and/or object)
  • 24/7 operation
  • Up to more than 3000 logins / h


  • Nevis components (nevisProxy, nevisAuth, nevisIDM, nevis Admin)
  • JEE6
  • JSF2 with custom components
  • Web services
  • GlassFish
  • jdk16
  • Oracle DB