From static roles to dynamic attribute-based authorisation - Authorise flexibly, make decisions in real time, ensure compliance
- LANGUAGE: English DATE: Tuesday, September 08, 2015 TIME: 4:00pm CEST, 10:00am EDT, 7:00am PDT
Dynamic authorisation, relying on the use of fine-grained attributes, promises to simplify and speed up the granting of rights while maintaining the necessary compliance to legal requirements.
Dynamic authorisation systems complement or replace the rigid role concepts through direct implementation of business-driven authorisation rules in the form of policies, and they make decisions about the access of employees, partners, and customers/clients in real time.
This webinar will describe the requirements, processes and systems on which attribute-based, dynamic authorisation management is based:
- Expressing your security requirements as dynamic rules (policies).
- Defining necessary access rights based on the properties of identities.
- Granting permission on the basis of well-defined rules that can be documented for audits and are thus legally conformant.
- Proving an overview of the technical components that are necessary for modern attribute-based authorisation management.
- Further development of your traditional role approach (RBAC) to a combined RBAC/ABAC or purely attribute-based (ABAC) approach, step by step.
In the first part of this webinar, Matthias Reinwarth, senior analyst at KuppingerCole, will lay out the need for dynamic, fine-grained access rights in modern enterprises against traditional role-based access. Then, he will illustrate the evolving challenges and conceptual changes for companies on the way to dynamic authorisation at a glance.
In the second part, Gerry Gebel, President at Axiomatics Americas, will present an overview of the concepts and implementation of the Axiomatics Policy Server infrastructure as an exemplary implementation of a dynamic authorisation system and report on practical experiences gained from concrete projects with end customers.
Axiomatics provides externalized authorization management for databases, Big Data, applications and APIs. Our Attribute Based Access Control (ABAC) solutions are ideal for enterprises and government agencies moving away from role-based frameworks, and into more context-aware policy-based access control models. The Axiomatics authorization suite is ideal for these organizations that must securely share information while complying with complex and ever-evolving regulations.
The march of the cloud is unstoppable. Eager to outsource the tedious and expensive maintenance of their IT infrastructures to a reliable 3rd party, most companies would dream of becoming cloud-native, at least in the long term. Needless to say, letting someone else run your identity management out there sounds like a great idea as well, hence the rising popularity of Identity-as-a-Service solutions that combine the latest technology achievements with the flexibility of the cloud.
Come to the place where the Digital Transformation is happening. The European Identity & Cloud Conference, held from May 14-17, 2019, offers a mixture of best practice discussions, visionary presentations, and networking opportunities with a future-oriented community. More than 800 thought leaders, leading vendors, analysts, executives, and end-users get together in Munich to be inspired by a list of world-class speakers.