Fine-Grained Policy-Based Access Control: Why & How?
- LANGUAGE: English DATE: Thursday, October 18, 2018 TIME: 4:00pm CEST, 10:00am EDT, 7:00am PDT
Mastering authorization is critical for modern organizations with multiple user constituencies, applications, and data types. Authorization has become a crucial part of security infrastructures and can no longer be considered just another feature of existing IAM solutions. Instead, authorization control infrastructures have developed their own segment in the security market.
There is a need for more than just one technology to meet different needs of the market, especially in the areas of administration and governance - both dictate the need for an authorization solution.
Furthermore, customers face challenges in several areas – the main one is having no insight into what data and functionalities users are able to access. And while there is a constant need for businesses to continuously modify, extend, and modernize their processes and business models, there is a lack of adequate and agile data access control and management functionality.
RBAC (Role Based Access Control) has proven handy for adding manageability and assurance to coarse- or medium-grained authorization but break down in the face of dynamic environments or complex access policies. Attribute-based access control (ABAC) has gained adherents but is in fact just another piece of the puzzle. Policy-based Access Control (PBAC) is an emerging model that seeks to help enterprises address the need to implement actionable access control schemes based on corporate policy and governance requirements. In general, PBAC can be considered the harmonization and standardization of the ABAC and RBAC models at an enterprise level in support of specific governance objectives.
In this webinar you will learn more about:
- The concept of Authorization as business need and technology requirement.
- Why Authorization is a feature and important piece of the IAM puzzle.
- Why Authorization is one of the main concerns of the business owner of the information.
- Why your authorization solution should enable the business as well as the admins.
In the first part of the Webinar Kuppinger Cole Lead Analyst John Tolbert will introduce the benefits and challenges of data-centric security based on RBAC (Role-based Access Control), which has often shown to be overly static and difficult to manage, complemented with ABAC (Attribute Based Access Control).
In the second part of the webinar, Gal Helemski from PlainID will talk about the concept of Authorization as a whole solution. She will describe the benefits of implementing a unified approach to address them. A single dynamic authorization architecture works across formerly separate dimensions, and can thus solve most problems through a combined RBAC and ABAC approach.
PlainID provides both Business AND Admin teams with a simple and intuitive means to control their organization’s entire authorization and access control process. The platform allows you to implement literally any kind of rules you could imagine, all without coding, and all in fine grained detail. PlainID simplifies Authorization so that thousands of Roles, Attributes and even Environmental Factors can be converted into a few logical SmartAuthorization policies using our Graph Database Decision Engine. We offer the first policy based access control (PBAC) solution that simplifies Authorization to one point of decision, one point of control and one point of view across your cloud, mobile and legacy applications.
Digitalization evolves with the increased use of microcomputers in everyday objects like cars and smart fridges, but also in industrial applications. Therefore, communication between devices is growing accordingly. While connecting devices is supposed to make our lives easier, it poses a great challenge from a security standpoint. Every connection opens a potential backdoor for attackers to slip inside your network.
Come to the place where the Digital Transformation is happening. The European Identity & Cloud Conference, held from May 12-15, 2020, offers a mixture of best practice discussions, visionary presentations, and networking opportunities with a future-oriented community. More than 800 thought leaders, leading vendors, analysts, executives, and end-users get together in Munich to be inspired by a list of world-class speakers.
KuppingerCole analysts build upon competencies from comprehensive research, experience from highly topical PAM advisory projects and systematically expanded and advanced best practices. Our analysts and advisors offer a one-of-a-kind, multi-channel approach to modern knowledge transfer: the KuppingerCole Master Class Privileged Access Management. Webinars and webcasts, up-to-date research documents, an all-day classroom workshop with final exam and certification of the acquired skills lay the foundation for establishing the necessary technical and methodological knowledge in your own organization.