Risk intelligent access control
Where nothing is at stake, there is no need for protection. Access control is essentially risk management. The greater risk, the greater the need. Authorization services therefore need to support, rather than obstruct, business objectives, something that can only be achieved with risk-intelligent access control solutions.
In any line of business risks are continuously changing. The values at stake and the threats they are exposed to vary over time. Conventional access controls however, are inflexible; they are either "on" or "off", whereby "on" often hinders legitimate use and information sharing, and "off" overexposes an organization to risk. Furthermore, more often than not, a scenario occurs where access at the "front door" is too secure, while the "back door" is left wide open. Managing risk intelligently with Axiomatics eXtensible authorization solutions however, solves such problems once and for all.
Different types of risks
Information security principally depends on our ability to deal with three different risk types:
- Confidentiality: the risk that assets be exposed for unauthorized or illegitimate use
- Integrity: the risk that information no longer is trustworthy, possibly due to a prior confidentiality breach.
- Availability: the risk that business critical information becomes inaccessible or accessible with unacceptable delay or difficulty only.
The latter is often an indirect result measures intended to mitigate the first risk type. Indeed, with conventional, static and coarse-grained access control techniques there may not be an option. To secure confidentiality, information is kept behind locked doors where it remains safe, but of little use. The ability to share information, to make it available for legitimate use while protecting confidentiality and integrity, is typical gain when a shift to modern, fine-grained access control techniques is made.
Policies capturing risk conditions
Human languages support a risk intelligent behavior. "You'd better bring your umbrella; there will be rain this afternoon." To automate risk intelligence in access control systems a similar capacity is needed; the ability to express risk conditions and alter the behavior systems depending on risk levels.
With traditional access control models - assigning permissions to users via roles (RBAC) or assigning information assets to users via Access Control Lists (ACLs) - there is no way you can express context-related conditions. Either your users walk around with umbrellas in sun shine or they get wet in the rain.
Extensible authorization adds a core capability to access control techniques, namely policies. A versatile policy language, the eXtensible Access Control Markup Language (XACML), is used to capture conditional risk aspects and to grant access permissions. "Yes, permit users to read this confidential document in the context of X provided that Y unless the document state is Z. The XACML language, like human languages, uses a comprehensive grammar. It uses the following building blocks defined by attributes:
- Subject: the user or process that is demanding access.
- Action: the task which the subject wants to perform on a resource
- Resource: the asset or object which the subject is requesting to access
- Environment: the context in which this takes place
The environment attribute in particular can be used to capture risk conditions. The environment may include aspects that directly relate to the access request, such as the location from where it is made, time of day, authentication strength etc. But it can also be used to capture the state of other data at the time of the request. "Permit users to do X unless the current location is different from a location used less than five minutes ago". "Permit users to do Y provided the total amount does not exceed the purchasing budget he/she is authorized to use". "Permit users to do Z provided they did not previously do A, B or C which would represent a segregation of duties violation". "If the action does not deviate from normal user behavior patterns, allow the execution of transaction".
An integral part of risk management
When risk analysis procedures identify new risk conditions, policies are easily refined to reflect these new insights in a non-intrusive manner. There is no need to alter applications controlled or to perform role modeling exercises. The risk factor is simply added as yet another condition to existing policies. Read more...
With such risk intelligent and dynamic capabilities in applied access control technologies, you can enable secure information sharing in new ways. Where risks previously mandated restrictive system lockdown, fine-grained and risk-aware policies enable publishing of information to a broader audience with risks securely handled. Read more...