From static roles to dynamic attribute-based authorisation - Authorise flexibly, make decisions in real time, ensure compliance
- LANGUAGE: English DATE: Tuesday, September 08, 2015 TIME: 4:00pm CEST, 10:00am EDT, 7:00am PDT
Traditional identity & access management (IAM) relies on the modeling of roles and permissions for the administration of rights. However, the digital transformation of business models and the demand for more flexibility and increased speed of implementation is turning out to be more than what a pure role model could provide. IAM is now much more essential to operations than was the case a few years ago, and therefore requires more agility. Dynamic authorisation provides this and is the core of the new IAM framework.
Dynamic authorisation, relying on the use of fine-grained attributes, promises to simplify and speed up the granting of rights while maintaining the necessary compliance to legal requirements.
Dynamic authorisation systems complement or replace the rigid role concepts through direct implementation of business-driven authorisation rules in the form of policies, and they make decisions about the access of employees, partners, and customers/clients in real time.
This webinar will describe the requirements, processes and systems on which attribute-based, dynamic authorisation management is based:
- Expressing your security requirements as dynamic rules (policies).
- Defining necessary access rights based on the properties of identities.
- Granting permission on the basis of well-defined rules that can be documented for audits and are thus legally conformant.
- Proving an overview of the technical components that are necessary for modern attribute-based authorisation management.
- Further development of your traditional role approach (RBAC) to a combined RBAC/ABAC or purely attribute-based (ABAC) approach, step by step.
In the first part of this webinar, Matthias Reinwarth, senior analyst at KuppingerCole, will lay out the need for dynamic, fine-grained access rights in modern enterprises against traditional role-based access. Then, he will illustrate the evolving challenges and conceptual changes for companies on the way to dynamic authorisation at a glance.
In the second part, Gerry Gebel, President at Axiomatics Americas, will present an overview of the concepts and implementation of the Axiomatics Policy Server infrastructure as an exemplary implementation of a dynamic authorisation system and report on practical experiences gained from concrete projects with end customers.
Axiomatics provides externalized authorization management for databases, Big Data, applications and APIs. Our Attribute Based Access Control (ABAC) solutions are ideal for enterprises and government agencies moving away from role-based frameworks, and into more context-aware policy-based access control models. The Axiomatics authorization suite is ideal for these organizations that must securely share information while complying with complex and ever-evolving regulations.
As users, devices and application workloads move outside the corporate network, the traditional model of enforcing security at the network perimeter is no longer effective. A Zero Trust model offers an alternative that secures data while ensuring it is accessible to employees, regardless of where they are working. But the path to achieving Zero Trust is unclear for many organizations.