Policy-Based Access Control – Consistent Across the Enterprise

Please use your KuppingerCole account to log in or create one, if you don't have it yet.


The evolution of cybersecurity protection demands a more nuanced response to providing access to a company’s sensitive resources. Policy-based access control (PBAC) combines identity attributes and context variables to enable sophisticated granting of access to corporate systems and protected resources based on centrally managed policies that ensure consistent access control decisions across the enterprise. Advancement in both business requirements and technology (such as growing use of micro-services), require a better way to control access. In a way that is consistent across all silos, dynamic enough to react to change in risk, and provides better control for the application business owners.

PBAC facilitates the application of consistent policy across all applications that use the PBAC authorization service. Furthermore, policies are evaluated in real-time against current attributes rather than having to wait for a nightly update of identity attributes before access control policy is correctly applied. PBAC also facilitates a risk management approach to access decisions. If access outside business hours represents a greater risk the authorization service could prompt for an additional authentication factor before access is granted.

Language: English • Duration: 54:54 • Resolution: 1920x1080

Learn more about this webinar