Dynamic Externalized Authorization for the Evolution of the Service-Oriented Architecture - Using ABAC for APIs and Microservices

  • LANGUAGE: English DATE: Thursday, September 28, 2017 TIME: 4:00pm CEST, 10:00am ET, 7:00am PT
Upcoming Webinars
Dynamic Externalized Authorization for the Evolution of the Service-Oriented Architecture - Using ABAC for APIs and Microservices
In the Digital Transformation era, businesses must be more agile than ever to adapt to constantly changing technology and regulatory landscapes and to meet the newest customer-centric initiatives. Constantly bombarded with new business requirements, software development and DevOps teams are increasingly looking into new approaches to make their applications more flexible, scalable and easier to maintain and modernize. In recent years, service-oriented architectures and microservices in particular have become the preferred method for many developers to create modular and adaptable enterprise applications that can easily scale and span multiple devices and platforms.

As opposed to traditional monolithic applications, a (micro)service-based architecture comprises multiple loosely coupled modules (“services”) that serve specific business purposes and communicate over lightweight network protocols. Such services can be developed, deployed and scaled independently on different platforms, which greatly reduces the time needed to bring as new product to market and allows for continuous delivery development process, where small changes to the business logic of an individual service can be quickly introduced and deployed.

However, when designing a (micro)-service architecture, dealing with identity and security becomes a much more complicated task than in traditional monolithic applications: each individual component must know which user is interacting with it and which access rights are granted to him. Externalizing and centralizing access management is a natural choice for microservices systems to ensure consistently secure and scalable authorization. Implementing the authorization service itself as a microservice, providing policy-driven access control for other microservices and APIs seems to be just as natural… Or is it?

In this webinar, we will discuss:

  • Major drivers and newest challenges of emerging distributed application architectures
  • How (micro)service-oriented architectures are mandating new well-thought-out application security infrastructures to become efficient and stable
  • Deploying authorization as a microservice to fit the broader microservices strategy
  • Policy enforcement on API gateways: benefits and potential obstacles

In the first part of the webinar, Martin Kuppinger, Founder and Principal Analyst at KuppingerCole, will look at the new challenges emerging from service-oriented architectures and microservices in particular. He will talk about efficient MVP approaches with the MVP only being an initial step towards the target, with dynamic externalized authorization being a central element therein.

In the second part, Gerry Gebel, Vice President of Business Development at Axiomatics, will demonstrate the benefits and potential issues of deploying authorization as a microservice and will elaborate on addressing those challenges with the help of additional conventions and standards.


Speakers

Gerry is responsible for sales, marketing and business development for the Americas region. In addition, he contributes to product strategy and manages Axiomatics’ global partner relations. Prior to joining Axiomatics, Gerry was Vice President and Service Director for Burton Group’s...


Lead Sponsor

Axiomatics provides externalized authorization management for databases, Big Data, applications and APIs. Our Attribute Based Access Control (ABAC) solutions are ideal for enterprises and government agencies moving away from role-based frameworks, and into more context-aware policy-based access control models. The Axiomatics authorization suite is ideal for these organizations that must securely share information while complying with complex and ever-evolving regulations.  

Watch now

Downloads

Webinar presentation, KuppingerCole

Webinar presentation, Axiomatics

Webcast download

Popular Webcasts

Next Webinar

Webinar

Getting Rid of the Password – How to Increase Safety Affordably

Despite compromised passwords being the leading cause of data breaches, most online businesses still rely on solely using passwords for logins. While getting rid of password authentication is desirable from a security standpoint, organizations fear that it is a costly endeavor that can also affect user experience.

Next Conference

Conference

Blockchain Enterprise Days 2019

Blockchain is still on everyone’s lips and the 2019 can be the year when large enterprises finally embrace the distributed ledger technology. KuppingerCole's inaugural blockchain-themed event will go beyond the hype and will present you real use cases and applications for your enterprise. Blockchain Enterprise Days (#BeDays19) will take place on September 18-19, 2019 in Frankfurt, Germany.

Become a Sponsor

Call

+49 211 23707710
Mo – Fr 8:00 – 17:00