From static roles to dynamic attribute-based authorisation - Authorise flexibly, make decisions in real time, ensure compliance
- LANGUAGE: English DATE: Tuesday, September 08, 2015 TIME: 4:00pm CEST, 10:00am EDT, 7:00am PDT
Dynamic authorisation, relying on the use of fine-grained attributes, promises to simplify and speed up the granting of rights while maintaining the necessary compliance to legal requirements.
Dynamic authorisation systems complement or replace the rigid role concepts through direct implementation of business-driven authorisation rules in the form of policies, and they make decisions about the access of employees, partners, and customers/clients in real time.
This webinar will describe the requirements, processes and systems on which attribute-based, dynamic authorisation management is based:
- Expressing your security requirements as dynamic rules (policies).
- Defining necessary access rights based on the properties of identities.
- Granting permission on the basis of well-defined rules that can be documented for audits and are thus legally conformant.
- Proving an overview of the technical components that are necessary for modern attribute-based authorisation management.
- Further development of your traditional role approach (RBAC) to a combined RBAC/ABAC or purely attribute-based (ABAC) approach, step by step.
In the first part of this webinar, Matthias Reinwarth, senior analyst at KuppingerCole, will lay out the need for dynamic, fine-grained access rights in modern enterprises against traditional role-based access. Then, he will illustrate the evolving challenges and conceptual changes for companies on the way to dynamic authorisation at a glance.
In the second part, Gerry Gebel, President at Axiomatics Americas, will present an overview of the concepts and implementation of the Axiomatics Policy Server infrastructure as an exemplary implementation of a dynamic authorisation system and report on practical experiences gained from concrete projects with end customers.
Axiomatics provides externalized authorization management for databases, Big Data, applications and APIs. Our Attribute Based Access Control (ABAC) solutions are ideal for enterprises and government agencies moving away from role-based frameworks, and into more context-aware policy-based access control models. The Axiomatics authorization suite is ideal for these organizations that must securely share information while complying with complex and ever-evolving regulations.
Despite compromised passwords being the leading cause of data breaches, most online businesses still rely on solely using passwords for logins. While getting rid of password authentication is desirable from a security standpoint, organizations fear that it is a costly endeavor that can also affect user experience.
Blockchain is still on everyone’s lips and the 2019 can be the year when large enterprises finally embrace the distributed ledger technology. KuppingerCole's inaugural blockchain-themed event will go beyond the hype and will present you real use cases and applications for your enterprise. Blockchain Enterprise Days (#BeDays19) will take place on September 18-19, 2019 in Frankfurt, Germany.