Dynamic Authorization Management
Facebook Twitter LinkedIn

Dynamic Authorization Management

Combined Session
Wednesday, May 14, 2014 12:00—13:00
Location: AMMERSEE II

Dynamic Authorization Management: The Market and its Future

In this session, Graham Williamson of KuppingerCole will present on the current state of the Dynamic Authorization Management market based on the brand-new KuppingerCole Leadership Compass document on the subject.  The session will discuss the direction of IAM solutions to externalise their authentication and authorisation decisions to a centrally managed decision point.  The presentation will advise on the direction various vendors have taken and the degree to which standards such as XACML are supported.  Graham will also advise on expectations for the future development of this market sector and the core requirements when selecting a product in this area.  The presentation will position Dynamic Authorization Management in the context of a comprehensive IAM solution.

Dynamic Authorization Management: The Market and its Future
Presentation deck
Dynamic Authorization Management: The Market and its Future
Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.
Graham Williamson
Graham Williamson
KuppingerCole
Graham Williamson is a senior Analyst at KuppingerCole. Graham has practical experience in the identity management and access control industry having completed assignments in the academic,...

RBAC, ABAC, or Both?

There is an ongoing discussion about terms such as RBAC (Role Based Access Control) and ABAC (Attribute Based Access Control). However, is it really about either-or? Or isn’t it that most role concepts take other attributes such as the Organizational Unit into account, while the role is a major attribute for most ABAC concepts? Shouldn’t the discussion be more about the question on how to make the shift from Static Access Management, based on pre-determined ACLs (Access Control Lists) etc., towards Dynamic Access Management and especially Dynamic Authorization Management, where applications ask at runtime for authorization decisions? But how to make that shift, how to convince application architects and developers? The panelists will talk about both RBAC and ABAC and how to make Dynamic Authorization Management a success, based on their experience.

Allan Foster
Allan Foster
ForgeRock
Allan Foster has helped build ForgeRock into a multinational identity software vendor with offices on four continents. Allan’s deep technical knowledge has been well used in all aspects of...
Finn Frisch
Finn Frisch
Axiomatics
Finn Frisch has more than 20 years of managerial and experience from information security management and related technologies. Finn is currently responsible for Business Development at Axiomatics...
Peter Gietz
Peter Gietz
DAASI International GmbH
Peter Gietz, CEO of DAASI International, has an MA in humanities and is active in the field of IT since 1985. He is internationally recognized as an directory expert, with core expertise in X.500,...
Ian Glazer
Ian Glazer
Salesforce
Ian Glazer is the VP, Identity Product Management, at Salesforce. His responsibilities include leading the product management team, product strategy and identity standards work. Prior to that, he...
Patrick Parker
Patrick Parker
EmpowerID
Patrick Parker is the founder and CEO of EmpowerID, a company specializing in Identity and Access Management for over 20 years. He pioneered the unique use of Role and Attribute-Based Access...
Geoff Webb
Geoff Webb
NetIQ
Geoff Webb has over 20 years of experience in the tech industry and is the Director of Solution Strategy at NetIQ. He is responsible for the NetIQ Information Security, Identity and Access and IT...

OpenRBAC: Why using an LDAP based Backend for Role Based Access Control Information

OpenRBAC is an open source implementation of the ANSI standard RBAC. It uses OpenLDAP as backend for storing information on user, roles, resources, priviledges, etc. This has a number of advantages and only very few limitations. Access decisions can be retrieved by simple ldap searches so that a OpenRBAC based Policy Decison Point can answer ten thousands of such queries per seconds. Since two other RBAC software products use LDAP, currently work is being done on an IETF Internet Draft to standardize the LDAP schema and a specific LDAP extended operation for interoparable implementations. The talk will introduce
RBAC, OpenRBAC and report on the LDAP standardisation work.

Peter Gietz
Peter Gietz
DAASI International GmbH
Peter Gietz, CEO of DAASI International, has an MA in humanities and is active in the field of IT since 1985. He is internationally recognized as an directory expert, with core expertise in X.500,...
Subscribe for updates
Please provide your email address