Dynamic Externalized Authorization for the Evolution of the Service-Oriented Architecture - Using ABAC for APIs and Microservices
- LANGUAGE: English DATE: Thursday, September 28, 2017 TIME: 4:00pm CEST, 10:00am ET, 7:00am PT
In the Digital Transformation era, businesses must be more agile than ever to adapt to constantly changing technology and regulatory landscapes and to meet the newest customer-centric initiatives. Constantly bombarded with new business requirements, software development and DevOps teams are increasingly looking into new approaches to make their applications more flexible, scalable and easier to maintain and modernize. In recent years, service-oriented architectures and microservices in particular have become the preferred method for many developers to create modular and adaptable enterprise applications that can easily scale and span multiple devices and platforms.
As opposed to traditional monolithic applications, a (micro)service-based architecture comprises multiple loosely coupled modules (“services”) that serve specific business purposes and communicate over lightweight network protocols. Such services can be developed, deployed and scaled independently on different platforms, which greatly reduces the time needed to bring as new product to market and allows for continuous delivery development process, where small changes to the business logic of an individual service can be quickly introduced and deployed.
However, when designing a (micro)-service architecture, dealing with identity and security becomes a much more complicated task than in traditional monolithic applications: each individual component must know which user is interacting with it and which access rights are granted to him. Externalizing and centralizing access management is a natural choice for microservices systems to ensure consistently secure and scalable authorization. Implementing the authorization service itself as a microservice, providing policy-driven access control for other microservices and APIs seems to be just as natural… Or is it?
In this webinar, we will discuss:
- Major drivers and newest challenges of emerging distributed application architectures
- How (micro)service-oriented architectures are mandating new well-thought-out application security infrastructures to become efficient and stable
- Deploying authorization as a microservice to fit the broader microservices strategy
- Policy enforcement on API gateways: benefits and potential obstacles
In the first part of the webinar, Martin Kuppinger, Founder and Principal Analyst at KuppingerCole, will look at the new challenges emerging from service-oriented architectures and microservices in particular. He will talk about efficient MVP approaches with the MVP only being an initial step towards the target, with dynamic externalized authorization being a central element therein.
In the second part, Gerry Gebel, Vice President of Business Development at Axiomatics, will demonstrate the benefits and potential issues of deploying authorization as a microservice and will elaborate on addressing those challenges with the help of additional conventions and standards.
Axiomatics provides externalized authorization management for databases, Big Data, applications and APIs. Our Attribute Based Access Control (ABAC) solutions are ideal for enterprises and government agencies moving away from role-based frameworks, and into more context-aware policy-based access control models. The Axiomatics authorization suite is ideal for these organizations that must securely share information while complying with complex and ever-evolving regulations.
There is growing interest in deception as a methodology and as an integral part of cybersecurity architecture, as organizations seek more effective approaches for detecting and responding to threats in real time. Distributed Deception Platforms have made this approach practical and affordable for the first time, but choosing the right solution can be challenging.