Dynamic Externalized Authorization for the Evolution of the Service-Oriented Architecture - Using ABAC for APIs and Microservices

  • LANGUAGE: English DATE: Thursday, September 28, 2017 TIME: 4:00pm CEST, 10:00am ET, 7:00am PT
Upcoming Webinars
Dynamic Externalized Authorization for the Evolution of the Service-Oriented Architecture - Using ABAC for APIs and Microservices
In the Digital Transformation era, businesses must be more agile than ever to adapt to constantly changing technology and regulatory landscapes and to meet the newest customer-centric initiatives. Constantly bombarded with new business requirements, software development and DevOps teams are increasingly looking into new approaches to make their applications more flexible, scalable and easier to maintain and modernize. In recent years, service-oriented architectures and microservices in particular have become the preferred method for many developers to create modular and adaptable enterprise applications that can easily scale and span multiple devices and platforms.

As opposed to traditional monolithic applications, a (micro)service-based architecture comprises multiple loosely coupled modules (“services”) that serve specific business purposes and communicate over lightweight network protocols. Such services can be developed, deployed and scaled independently on different platforms, which greatly reduces the time needed to bring as new product to market and allows for continuous delivery development process, where small changes to the business logic of an individual service can be quickly introduced and deployed.

However, when designing a (micro)-service architecture, dealing with identity and security becomes a much more complicated task than in traditional monolithic applications: each individual component must know which user is interacting with it and which access rights are granted to him. Externalizing and centralizing access management is a natural choice for microservices systems to ensure consistently secure and scalable authorization. Implementing the authorization service itself as a microservice, providing policy-driven access control for other microservices and APIs seems to be just as natural… Or is it?

In this webinar, we will discuss:

  • Major drivers and newest challenges of emerging distributed application architectures
  • How (micro)service-oriented architectures are mandating new well-thought-out application security infrastructures to become efficient and stable
  • Deploying authorization as a microservice to fit the broader microservices strategy
  • Policy enforcement on API gateways: benefits and potential obstacles

In the first part of the webinar, Martin Kuppinger, Founder and Principal Analyst at KuppingerCole, will look at the new challenges emerging from service-oriented architectures and microservices in particular. He will talk about efficient MVP approaches with the MVP only being an initial step towards the target, with dynamic externalized authorization being a central element therein.

In the second part, Gerry Gebel, Vice President of Business Development at Axiomatics, will demonstrate the benefits and potential issues of deploying authorization as a microservice and will elaborate on addressing those challenges with the help of additional conventions and standards.


Speakers

Gerry is responsible for sales, marketing and business development for the Americas region. In addition, he contributes to product strategy and manages Axiomatics’ global partner relations. Prior to joining Axiomatics, Gerry was Vice President and Service Director for Burton Group’s...


Lead Sponsor

Axiomatics provides externalized authorization management for databases, Big Data, applications and APIs. Our Attribute Based Access Control (ABAC) solutions are ideal for enterprises and government agencies moving away from role-based frameworks, and into more context-aware policy-based access control models. The Axiomatics authorization suite is ideal for these organizations that must securely share information while complying with complex and ever-evolving regulations.  

Watch now

Downloads

Webinar presentation, KuppingerCole

Webinar presentation, Axiomatics

Webcast download

Popular Webcasts

Next Webinar

Webinar

Secure Login for Highly-Regulated Hybrid Environments: Avoid Being Forced Into the Cloud

The march of the cloud is unstoppable. Eager to outsource the tedious and expensive maintenance of their IT infrastructures to a reliable 3rd party, most companies would dream of becoming cloud-native, at least in the long term. Needless to say, letting someone else run your identity management out there sounds like a great idea as well, hence the rising popularity of Identity-as-a-Service solutions that combine the latest technology achievements with the flexibility of the cloud.

Next Conference

Congress

European Identity & Cloud Conference 2019

Come to the place where the Digital Transformation is happening. The European Identity & Cloud Conference, held from May 14-17, 2019, offers a mixture of best practice discussions, visionary presentations, and networking opportunities with a future-oriented community. More than 800 thought leaders, leading vendors, analysts, executives, and end-users get together in Munich to be inspired by a list of world-class speakers.

Become a Sponsor

Call

+49 211 23707710
Mo – Fr 8:00 – 17:00