Many of today’s organizations are knowledge-driven. As a result, it has become essential for employees, customers and suppliers to gather intelligence to successfully collaborate. Put simply, information security is no longer only about “need-to-know” level access control but also about the “need-to-share”.

Information sharing
Today information owners face severe risks. In order for businesses to grow or for public services to improve data has to be shared both within and beyond organization boundaries. However, if the controls are to permissive data leakage is a serious threat. On the other hand if controls are too strict collaboration can be seriously hindered. Existing access controls however, are too inflexible to meet these new demands. A paradigm shift is therefore needed. Efficient but secure information sharing must be the focal point of new flexible access control techniques.

Authorization to enable information sharing

Records kept in locked vaults are safe in the sense that unauthorized users have difficulties gaining access. However, the same is probably true for most authorized users. If they cannot get hold of information they need they will not be able to do a good job.

To quote a well-known American politician: “There are known unknowns. That is to say, there are things that we know we don't know. But there are also unknown unknowns. There are things we don't know we don't know.” With poorly designed access controls the heap of both known and unknown unknowns keeps growing and the effects are costly failures.

Health records are an example. A few years ago, they were physical objects only: paper, X-rays films, lab reports etc. Most patients will soon expect to interact with their medical care providers via services that handle Electronic Health Records (EHR) online – and they will expect care providers collaboration to provide optimal health care services. Privacy concerns require strict adherence to legal constraints as well as patient consent declarations. Failing to meet these requirements either impacts health care quality or raises concerns about privacy intrusions. Extensible authorization delivers the kind of dynamic and fine-grained filtering of authorized data that is necessary in order to enable modern EHR systems.

Similar needs exist in most industries. With the ability to go online with what previously was kept in the basement, new ways to interact and collaborate become possible. And as a result, new business opportunities emerge. Axiomatics extensible authorization makes it happen.

Search


The XACML Value Proposition

Cost savings may not be your primary reason to look for standards-based and fine-grained access control. It is, however, a predominant side-effect. Once you achieve secure information sharing you also enable new business opportunities. Read more...

Standards-based solutions

Cloud, mobile computing, multiple user identities, etcetera, are all factors that in the past, required an individual approach to access control. With XACML, standards-based authorization solutions can now encompass virtually any technology. Read more...

Trusted solutions provider

Axiomatics solutions can be found in use at leading global entities within finance, manufacturing, healthcare, and the public sector. Our trusted technology has been consecutively chosen for the world's largest XACML deployments. Read more...

Technology

Axiomatics is a driving force in authorization technology. The company's dedicated research hub boasts many of the world's leading experts in XACML, the standard that powers attribute based access control (ABAC), while the Axiomatics CTO is the editor of the OASIS XACML 3.0 specification. Furthermore, Axiomatics was the first organization to attest complete XACML 3.0 speciication conformance.

ABAC

Attribute-Based Access Control (ABAC) surpasses all previous authorization models. It provides easily scalable, dynamic, context-aware and risk-intelligent access control, essential for the modern enterprise.

Solutions

Axiomatics solutions deliver anywhere, any-depth access control across virtually any and every IT environment. They enable secure sharing of information across and within organization's borders and boundaries and compliance with ever-evolving regulatory mandates, while promoting new business opportunities, reducing time-to-market and cutting IT development costs.

eXtensible Authorization

Axiomatics solutions bring together the benefits of standardization, through XACML, with the proven results of externalized authorization. This is more commonly known as eXtensible Authorization.