Fine-Grained Policy-Based Access Control: Why & How?
- LANGUAGE: English DATE: Thursday, October 18, 2018 TIME: 4:00pm CEST, 10:00am EDT, 7:00am PDT
There is a need for more than just one technology to meet different needs of the market, especially in the areas of administration and governance - both dictate the need for an authorization solution.
Furthermore, customers face challenges in several areas – the main one is having no insight into what data and functionalities users are able to access. And while there is a constant need for businesses to continuously modify, extend, and modernize their processes and business models, there is a lack of adequate and agile data access control and management functionality.
RBAC (Role Based Access Control) has proven handy for adding manageability and assurance to coarse- or medium-grained authorization but break down in the face of dynamic environments or complex access policies. Attribute-based access control (ABAC) has gained adherents but is in fact just another piece of the puzzle. Policy-based Access Control (PBAC) is an emerging model that seeks to help enterprises address the need to implement actionable access control schemes based on corporate policy and governance requirements. In general, PBAC can be considered the harmonization and standardization of the ABAC and RBAC models at an enterprise level in support of specific governance objectives.
In this webinar you will learn more about:
- The concept of Authorization as business need and technology requirement.
- Why Authorization is a feature and important piece of the IAM puzzle.
- Why Authorization is one of the main concerns of the business owner of the information.
- Why your authorization solution should enable the business as well as the admins.
In the first part of the Webinar Kuppinger Cole Lead Analyst John Tolbert will introduce the benefits and challenges of data-centric security based on RBAC (Role-based Access Control), which has often shown to be overly static and difficult to manage, complemented with ABAC (Attribute Based Access Control).
In the second part of the webinar, Gal Helemski from PlainID will talk about the concept of Authorization as a whole solution. She will describe the benefits of implementing a unified approach to address them. A single dynamic authorization architecture works across formerly separate dimensions, and can thus solve most problems through a combined RBAC and ABAC approach.
PlainID provides both Business AND Admin teams with a simple and intuitive means to control their organization’s entire authorization and access control process. The platform allows you to implement literally any kind of rules you could imagine, all without coding, and all in fine grained detail. PlainID simplifies Authorization so that thousands of Roles, Attributes and even Environmental Factors can be converted into a few logical SmartAuthorization policies using our Graph Database Decision Engine. We offer the first policy based access control (PBAC) solution that simplifies Authorization to one point of decision, one point of control and one point of view across your cloud, mobile and legacy applications.
Despite compromised passwords being the leading cause of data breaches, most online businesses still rely on solely using passwords for logins. While getting rid of password authentication is desirable from a security standpoint, organizations fear that it is a costly endeavor that can also affect user experience.
Blockchain is still on everyone’s lips and the 2019 can be the year when large enterprises finally embrace the distributed ledger technology. KuppingerCole's inaugural blockchain-themed event will go beyond the hype and will present you real use cases and applications for your enterprise. Blockchain Enterprise Days (#BeDays19) will take place on September 18-19, 2019 in Frankfurt, Germany.