|
Core information security objectives secure the integrity, confidentiality and availability of information assets. Therefore, we need to manage and control user identities, manage and enforce access permissions and ensure that we can monitor and audit who is actually gaining access to what information.
Standardizing Authorization
Even though authentication services are widely standardized and centralized, authorization typically uses different proprietary techniques in each application or platform. This is a serious obstacle in enterprise architectures, impeding the transformation necessary to achieve online availability, interoperability, transparency and cross-platform data exchange. Attribute Based Access Control (ABAC) based on the XACML introduces standardized authorization services much the same way SAML and Federated Identity Management offers authentication as a service.
By combining the two – federation and ABAC – organizations can leverage IAM investments made and move forward towards a more agile approach to Identity & Access Management in general. Read more about this on the IAM (R)evolution page. |
|
|
Application developers and vendors implementing future proof access control |
|
A large ERP software developer recently made a thorough review and concluded that more than 20% of development and code maintenance costs were related to Identity & Access Management (IAM) issues. Using products and services from Axiomatics, application developers and OEM partners can reduce development costs while enhancing their value propositions to customers and information owners.
|
|
Read more...
|
|
Delegating access management for data shared on the ground or in the cloud |
|
Operating environments owned and managed by an entity other than the information owner, be it an outsourcing partner or a service provider in the cloud, often become the information security manager's nightmare. Data processing resources can be outsourced, but liability of information security and privacy always remain with the information owner. Axiomatics delivers solutions based on XACML 3.0, with flexible delegation of administrative privileges ideally suited to meet the needs of modern federated environments.
|
|
Read more...
|
|
|
SOA developers standardizing their authorization services |
|
Service Oriented Architectures (SOA) have rapidly evolved and matured in recent years. Many organizations have standardized all new development within their infrastructures on SOA concepts. Hence, SOA governance is becoming increasingly important to avoid the chaos that emerges out of uncoordinated initiatives. SOA developers need to externalize authorization management, while ensuring local enforcement of access policies to meet new security and governance requirements.
|
|
Read more...
|
|
Regulatory compliance consistently enforced across multiple platforms |
|
Compliance management represents a mandatory set of "sour grapes" for many IT and business managers. The number of laws and regulations, standards and policies that organizations have to conform to is constantly growing. Common measures necessary to improve reactive compliance auditing do not offer a sustainable solution. Axiomatics products however, address the root cause – the inability of an infrastructure to support a consistent implementation of policy based authorizations.
|
|
Read more...
|
|
|
|
Privacy Statement