Policy’s role in authorization, XACML today, & OpenID’s new policy charter Listen to the podcast  

CSO Online Feature: Connecting ABAC to Identity Governance and Administration to Extend Access Control Capabilities

Enterprises need an approach to improve synergies between existing IAM technologies

As applications, data and infrastructure continue moving into the cloud, the need for authorization of users to have the right access at the right time increases as well. The new enterprise is a hybrid of cloud and on-premise deployments all requiring a vetted, comprehensive and scalable access control model.

Within this changing climate, IT teams are overloaded with provisioning and deprovisioning, permissions management and pressure to easily audit and report on compliance. Access control automation is needed – and the access control solution needs to scale as the business grows.

As a first line of defense to effectively and efficiently control access to applications and data, organizations are turning toward identity governance and administration (IGA) to support both enterprise security and regulatory compliance. By leveraging IGA tools, access control is managed at administration time by automating the user provisioning and de-provisioning process.

The next line of defense is the run-time authorization service, which ideally uses an attribute and policy-based approach to enforce access rules on APIs, microservice and data services. Let’s explore how these two technologies can work in concert to uncover hidden value for enterprise customers.

Read full article on CSO Online here.

Samantha Berno

Media Contact

Samantha Berno
Corporate Communications Manager

Archived under: