Fine-Grained Policy-Based Access Control: Why & How?
- LANGUAGE: English DATE: Thursday, October 18, 2018 TIME: 4:00pm CEST, 10:00am EDT, 7:00am PDT
Mastering authorization is critical for modern organizations with multiple user constituencies, applications, and data types. Authorization has become a crucial part of security infrastructures and can no longer be considered just another feature of existing IAM solutions. Instead, authorization control infrastructures have developed their own segment in the security market.
There is a need for more than just one technology to meet different needs of the market, especially in the areas of administration and governance - both dictate the need for an authorization solution.
Furthermore, customers face challenges in several areas – the main one is having no insight into what data and functionalities users are able to access. And while there is a constant need for businesses to continuously modify, extend, and modernize their processes and business models, there is a lack of adequate and agile data access control and management functionality.
RBAC (Role Based Access Control) has proven handy for adding manageability and assurance to coarse- or medium-grained authorization but break down in the face of dynamic environments or complex access policies. Attribute-based access control (ABAC) has gained adherents but is in fact just another piece of the puzzle. Policy-based Access Control (PBAC) is an emerging model that seeks to help enterprises address the need to implement actionable access control schemes based on corporate policy and governance requirements. In general, PBAC can be considered the harmonization and standardization of the ABAC and RBAC models at an enterprise level in support of specific governance objectives.
In this webinar you will learn more about:
- The concept of Authorization as business need and technology requirement.
- Why Authorization is a feature and important piece of the IAM puzzle.
- Why Authorization is one of the main concerns of the business owner of the information.
- Why your authorization solution should enable the business as well as the admins.
In the first part of the Webinar Kuppinger Cole Lead Analyst John Tolbert will introduce the benefits and challenges of data-centric security based on RBAC (Role-based Access Control), which has often shown to be overly static and difficult to manage, complemented with ABAC (Attribute Based Access Control).
In the second part of the webinar, Gal Helemski from PlainID will talk about the concept of Authorization as a whole solution. She will describe the benefits of implementing a unified approach to address them. A single dynamic authorization architecture works across formerly separate dimensions, and can thus solve most problems through a combined RBAC and ABAC approach.
PlainID Inc. is the recognized leader of Policy-Based Access Control (PBAC). Our simple, straightforward solution to authorization management enables organizations to govern, administer and control who can access assets across their digital landscape. PlainID knows the frustrations of businesses struggling to understand, incorporate, and best implement Identity and Access Management, and is using Policy-Based Access Control (PBAC) to solve it. Our solution, The PlainID PBAC Platform, enables rapid business growth by connecting new and legacy technologies with the latest and most advanced authorization features. As part of our PBAC Platform, PlainID has developed the Policy Manager and the Entitlement & Role Manager, and has ongoing development of additional PBAC modules.
The purpose of an identity management system is to support access control to an organization’s sensitive systems and protected resources. Contemporary access control has progressed from static entitlements, still used in many organisations. Not only manual interventions are necessary to change roles, also provisioning, reconciliation, recertification and auditing are laborious tasks, which complicate each business process.
The European Identity & Cloud Conference returns fully digitalized, reacting to the global pandemic. We have collected a lot of experience in virtual conferencing throughout 2020 to be able to offer you a safe and hygienic event experience – on-site, virtual, and hybrid.