Access control failures in information sharing cause incidents and disasters can follow in their trails. Wikileaked state secrets, tabloid publicity for VIP health records, trade secrets sent to the competition - poorly designed access controls are the common denominator of them all. Extensible authorization offers a solution.
Use cases in many industries
Secure information sharing is an important objective in many different types of use cases such as:
- Public sector knowledge sharing is a new discipline expected to bring a broad set of essential values such as efficiency and cost savings in public administration. Since data managed by state agencies typically is about its citizens - about you and me - privacy protection becomes a serious concern that must be balanced against information sharing needs.
- Product life-cycle management means corporations collaborate across company borders as well as across national borders to achieve faster and more efficient delivery of services and goods. The data managed represents substantial intellectual properties which need to be protected in compliance with regulations such as export control legislation and balanced against information sharing needs.
With coarse-grained authorization secure information sharing becomes impossible. You can disregard the fact that your information objects contain sensitive portions and accept being exposed to the risk of unauthorized access. Or you can ban any publishing of information objects which sensitive portions and thus lose the ability to collaborate.
Use cases such as IP or privacy protection require the ability to filter out information based on individual fields or portions of your data. If you can filter out the sensitive parts, you enable secure sharing of what remains. This type of filtering must often be made in multiple dimensions and varies depending on who the user is and what type of relation the user has to referenced objects or data subjects.
Use cases of this type are frequent in government agencies and health care. But modern product life-cycle management is also an example of new information sharing needs.