While it is predicted that “by 2020, 70% of enterprises will use Attribute-Based Access Control (ABAC) to protect critical assets” (Gartner), a lot of confusion still lingers around what exactly an organization can expect to get out of ABAC, or Dynamic Authorization. A quick
European Identity Conference (EIC) is Europe's leading event for Identity and Access Management (IAM) and Governance, Risk Management, and Compliance (GRC), and cloud security. For the 11th time, the EIC offered us best practices and discussions with more than 700 participants from worldwide
The General Data Protection Plan, known by GDPR, is new legislation that defines data protection standards and laws across the European Union. This regulation effectively repeals the Directive 95/46/EC. Consistency is the goal for the GDPR; the legislation imposes a uniform security data law
Our experts at Axiomatics got together at the end of the year to take a look at the trends in store for 2017. Some of these may sound familiar, as the era of digital transformation continues to expand. But you'll find a common theme: Marty Leamy, our Americas President said it best, “This
This year’s Gartner IAM Conference was full of thoughtful keynotes and a reflection of things to come for IT professionals in 2017. Over 1500 professionals concerned with keeping customer and proprietary data more secure attended the conference last week, which took place in Las Vegas, Nevada,
Axiomatics is heading to Gartner’s annual Identity and Access Management (IAM) Summit on November 29 at Caesar's Palace in Las Vegas. By the time the event concludes on December 1st, the 1600-plus attendees will have a better understanding of the most pressing security issues facing digital
One of the great benefits of Attribute Based Access Control (ABAC) is that it can be as coarse or fine-grained as you need it to be. You start with two attributes: role and data, and you have Role Based Access Control (RBAC). But from there, it gets much more interesting, as you can add as few or
We have written in the past about using time in XACML policies. This can be useful when wanting to control access outside office hours for instance. Sometimes, we also want to use dates to achieve similar and complementary use cases. Using the Date Datatype in XACML The Date Datatype XACML
X may mark the spot if you’re looking for treasure, but if you’re looking to protect something dear to you, such as your sensitive assets, X can also form part of your security program. That’s because X is the first letter in XACML, the OASIS standard language that authorization solutions
Access Control has been around ever since there has been the need to protect valuable assets. Sentries were posted and moats were built. Still, history is littered with access breaches, many of which, such as the Trojan horse, have gone down in folklore. Comparably, data access control is still in