+
  Policy’s role in authorization, XACML today, & OpenID’s new policy charter Listen to the podcast  

5 Misconceptions About a Policy-based Approach to Access Control

At its core a Policy-based Access Control (PBAC) model (also referred to as Attribute-based Access Control, or ABAC) is a concept any developer can understand. The phrase “access control” refers to application mechanisms that govern what each user can (or can’t) see and do. And a “policy” is a principle, rule, or guideline formulated or adopted by an organization.

While learning the fundamentals of access control and how it helps development teams secure their applications, you may be exposed to some conflicting ideas or even misinformation about policy-based access control and the value of an ABAC-based solution.

Here are five common misconceptions about a policy-based access control model and the value you may be missing.

Download PDF


Related resources

Achieve Zero Trust in Trade Compliance

Four Ways Insurance Companies Can Leverage Authorization

Seven Reasons Financial Institutions Should Consider Authorization

Navigating the Department of Defense Mandate on Zero Trust

Axiomatics Blog

How Policy-as-code can make your developers infallible

Read the article

Trending Articles

Solving the headache around recertification

The cost of role explosion

Authorization can empower your enterprise…really

Take Our Poll

Where is your organization currently at with authorization?

View Results

Loading ... Loading ...
Content...