Fine-Grained Policy-Based Access Control: Why & How?
- LANGUAGE: English DATE: Thursday, October 18, 2018 TIME: 4:00pm CEST, 10:00am EDT, 7:00am PDT
Mastering authorization is critical for modern organizations with multiple user constituencies, applications, and data types. Authorization has become a crucial part of security infrastructures and can no longer be considered just another feature of existing IAM solutions. Instead, authorization control infrastructures have developed their own segment in the security market.
There is a need for more than just one technology to meet different needs of the market, especially in the areas of administration and governance - both dictate the need for an authorization solution.
Furthermore, customers face challenges in several areas – the main one is having no insight into what data and functionalities users are able to access. And while there is a constant need for businesses to continuously modify, extend, and modernize their processes and business models, there is a lack of adequate and agile data access control and management functionality.
RBAC (Role Based Access Control) has proven handy for adding manageability and assurance to coarse- or medium-grained authorization but break down in the face of dynamic environments or complex access policies. Attribute-based access control (ABAC) has gained adherents but is in fact just another piece of the puzzle. Policy-based Access Control (PBAC) is an emerging model that seeks to help enterprises address the need to implement actionable access control schemes based on corporate policy and governance requirements. In general, PBAC can be considered the harmonization and standardization of the ABAC and RBAC models at an enterprise level in support of specific governance objectives.
In this webinar you will learn more about:
- The concept of Authorization as business need and technology requirement.
- Why Authorization is a feature and important piece of the IAM puzzle.
- Why Authorization is one of the main concerns of the business owner of the information.
- Why your authorization solution should enable the business as well as the admins.
In the first part of the Webinar Kuppinger Cole Lead Analyst John Tolbert will introduce the benefits and challenges of data-centric security based on RBAC (Role-based Access Control), which has often shown to be overly static and difficult to manage, complemented with ABAC (Attribute Based Access Control).
In the second part of the webinar, Gal Helemski from PlainID will talk about the concept of Authorization as a whole solution. She will describe the benefits of implementing a unified approach to address them. A single dynamic authorization architecture works across formerly separate dimensions, and can thus solve most problems through a combined RBAC and ABAC approach.
PlainID provides a simple and intuitive way for fast-paced organizations to create and manage their authorization policies.
Our agile, standards-based platform acts as a master policy layer, managing multiple policies seamlessly between all facets of IAM. PlainID simplifies Authorization to one point of decision, one point of control and one point of view of every authorization level: in the cloud, mobile and on-premise applications.
We provides both enablement policies – define what an identity can access or can request, and restrictive policies – define what shouldn’t happen – SOD (separation of duties), Compliance and security policies. Policies are managed in graphical display, clearly visualizing the connections between people, devices and services and all those authorizations.
Access Governance-Tools sind in der heutigen Business-IT ein unverzichtbares Element. Sie dienen dem Management von Benutzer- und Berechtigungsworkflows, der Vergabe von Zugangsrechten, der Durchführung von Kampagnen zur Zugriffszertifizierung und der Implementierung und Prüfung von Controls für die Funktionstrennung (SOD). Mit einer wachsenden Zahl von Business-Applikationen, gerade auch aus der Cloud, und ihrer Vernetzung wächst die Herausforderung, Access Governance übergreifend und automatisiert umzusetzen.