Attribute Based Access Control is the next step for implementing fine grained authorizations in federated identity environments. ABAC enabled application landscapes need to implement authorization management for application and service consumers who are unknown to the organization. In order to make this possible, other means of access control have to be implemented. Role based access through provisioning engines is no longer feadsile, access by users from different Identity providers and differents devices and locations will be the new normal.
Policy based security is the only way to make this possible. Security policies have to be executed centrally in order be in control. But managing the centralized policies can be distributed amongst business owners. An API gateway could be the component to execute policies. Managing an API gateway so far has been an ICT responsibility. We will explain how to implement the business responsibility layer
Key Takeaways: