Enterprise Authorization Framework

  • TYPE: Combined Session DATE: Wednesday, May 10, 2017 TIME: 15:30-16:30 LOCATION: ALPSEE
Track

Sessions:

Authorization frameworks comprise run-time policy enforcement, administration-time policy models, and IAM governance. Groups are the dominant policy model in the enterprise today. Easy to manage from the bottom up, the problem is that groups tend to sprawl. Turning to RBAC, some organizations have a good set of positional roles, but others don't. Either way, RBAC easily succumbs to role proliferation if practicioners layer too many special cases and exceptions onto the model. Fortunately, dynamic authorization - also known as attribute-based access control (ABAC) - has the potential to blend roles, groups, and attributes from subjects, resources, and context into a unified model.

Key Takeaways:

  • Good practices for RBAC
  • The RBAC/ABAC continuum – it’s not either or, it’s about both approaches
  • Don't hype the "ABAC" - success stories, pitfalls, and lessons learned
  • Where Dynamic Authorization Management fits in: Not only Policy Servers, but Adaptive Authentication, API & XML Gateways, Web Access Management, and more
  • Create "economies of context" through well-designed identity object models and application taxonomies
  • Cloud-friendly patterns, tokens, and security considerations
  • “Dynamic Provisioning” of static (RBAC-based) ACLs: A real alternative?
  • Sample decision trees for a unified authorization framework

Speakers:

Dan Blum is an internationally-recognized expert in security, privacy, cloud computing, identity management and works as Senior Analyst at KuppingerCole. He develops Security Architects Partners’ business partnerships, creates content and leads consulting engagements. Blum provides...



Speakers:

Dan Blum is an internationally-recognized expert in security, privacy, cloud computing, identity management and works as Senior Analyst at KuppingerCole. He develops Security Architects Partners’ business partnerships, creates content and leads consulting engagements. Blum provides...

Gerry is responsible for sales, marketing and business development for the Americas region. In addition, he contributes to product strategy and manages Axiomatics’ global partner relations. Prior to joining Axiomatics, Gerry was Vice President and Service Director for Burton Group’s...



Log in to download the presentation:  

Moderators:

Session Links

Quick Links

Stay Connected

Information

Munich, Germany

Congress

European Identity & Cloud Conference 2017

Language:
English
Registration fee:
€1980.00 $2475.00 S$3168.00
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
lk@kuppingercole.com
  • May 09 - 12, 2017 Munich, Germany

Partners

The European Identity & Cloud Conference 2017 is proud to present a large number of partners
Learn more

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00