David Brossard, Author at Axiomatics - Page 2 of 3
Axiomatics
  • Dynamic Authorization Suite
    • Applications
    • SmartGuard® for Data
    • Databases
    • APIs and Microservices
      • Amazon API Gateway Integration
      • Apigee Integration
      • Axway API Integration
      • CA API Gateway Integration
      • IBM DataPower Gateway Integration
      • Kong Community Integration
      • MuleSoft Integration
      • Oracle API Gateway Integration
    • IAM Ecosystem Integrations
    • Reporting & Governance
    • Expert Services
  • Developers Zone
  • Resources
    • About Us
    • Analyst Reports
    • Case Studies
    • Data Sheets
    • Industry Briefs
    • Infographics
    • Product Sheets
    • Tutorials
    • Use Cases
    • Webinars
    • White Papers
  • Solutions
    • Challenges
    • Industries
    • Roles
  • Axiomatics Federal, Inc.
  • Blog
  • About Us
    • The Company
    • Working at Axiomatics
    • Press Room
    • Events
    • Partners
    • Management
    • Corporate Social Responsibility
    • Contact Us

David Brossard

Home / Archives for David Brossard / Page 2
API Tuesday, 10 January 2017Thursday, 02 August 2018 by David Brossard

How Using ABAC Can Improve API Security in 2017

During Gartner’s recent IAM conference, I noticed an emerging conversation around the issues of API usage at the enterprise level. Enterprise adoption of APIs is viewed as an inevitable consequence of the ongoing digital transformation many IT professionals are managing. API stands for
Access Control 101 Wednesday, 21 December 2016Wednesday, 07 June 2017 by David Brossard

Going on vacation, how can I implement delegation in XACML?

This use case happens in many different industries, such as: Banking: account management Healthcare: medical record access There are other types of delegation possible, e.g. a parent-child delegation. For instance, as a parent, I want access to my underage children’s medical records. This
Access Control 101 Tuesday, 01 November 2016Wednesday, 07 June 2017 by David Brossard

How do I use the map function in XACML?

Some examples of policies are: Managers can view documents in their city Users can edit documents they own   Each policy uses attributes. In the examples above, the policies use the following attributes: A user’s role e.g. manager An action e.g. view, edit. A resource type e.g.
Question of the Week Friday, 26 August 2016Wednesday, 07 June 2017 by David Brossard

Breaking the Glass – Using XACML to Implement HIPAA Regulations

Break the Glass Scenario  By default users have access to what they need to get access to. Example authorization policy: doctors can view the medical records of their patients. Sometimes, though, in the case of an emergency, users need access to information they don't normally have access
Question of the Week Friday, 05 August 2016Wednesday, 07 June 2017 by David Brossard

In XACML what is the StringOneAndOnly function?

Example of policies can be: Managers can view documents in their city. Users can edit documents they own  Each policy uses attributes. In the examples above, the policies use the following attributes: A user’s role e.g. manager An action e.g. view, edit. A resource type e.g.
Question of the Week Thursday, 28 July 2016Wednesday, 07 June 2017 by David Brossard

What Does NotApplicable Mean?

The Policy Enforcement Point (PEP) sends the PDP an authorization request. The PDP inspects the request and must return a decision. There are four possible decisions: Permit Deny NotApplicable Indeterminate If operating correctly, the PDP must always return one of these 4 decisions. Permit and
Question of the Week Wednesday, 01 June 2016Wednesday, 07 June 2017 by David Brossard

Should the Policy Enforcement Point Send All Attributes Needed to Evaluate a Request?

Key Attributes and Derived Attributes Key Attributes are the basis of a XACML request. PEPs can send any number of attributes to the PDP. At the very minimum it needs to send "key" attributes i.e. the user identity, the resource identity and type and the action identity. This creates the minimal
Question of the Week Tuesday, 10 May 2016Thursday, 15 November 2018 by David Brossard

When Should I Use an XACML Condition?

XACML Targets Targets are an easy way to define the scope of an authorization policy. Targets can be used in all three XACML structural elements (policy set, policy, or rule). Targets always follow an AND / OR / AND structure. For instance, with a target, it is simple to implement citizenship ==
Business Thursday, 04 February 2016Monday, 23 October 2017 by David Brossard

Securing Access to PII and EHR in a Digitized Health Care Environment

Patient enablement / self-service With respect to health care, a McKinsey report from late 2014 explains that health care IT is evolving at the same speed as other industries, and this will be no different in the future. McKinsey considers that more than 75% of all patients expect to use digital
Access Control 101 Tuesday, 11 November 2014Wednesday, 07 June 2017 by David Brossard

Integrate the CA API Gateway with Axiomatics Policy Server

As the web constantly evolves, so too do its foundations. Today, the web as we know it is built on web applications, web services, and APIs. This is a natural evolution from SOA (Service-Oriented Architecture) which was the foundation for a loosely coupled environment a decade ago. In SOA,
Previous123Next

Subscribe to the blog

  • Authors
  • Categories
  • Tags
Srijith NairSrijith Nair
AxiomaticsAxiomatics
Pablo GiambiagiPablo Giambiagi
David BrossardDavid Brossard
Jonas IggbomJonas Iggbom
Andres MartinelliAndres Martinelli
Gerry GebelGerry Gebel
Kelly SheltonKelly Shelton
Mike GoodMike Good
Niklas JakobssonNiklas Jakobsson
Brian ColalucaBrian Colaluca
Craig GilleyCraig Gilley
Jonas MarkströmJonas Markström
Jeffrey KleinJeffrey Klein
See More Authors
  • Business Tech Question of the Week Access Control Access Control 101 Architecture API Axiomatics Data Access Filter XACML The Company ABAC Health Insurance Safe Harbor Cross-Border Privacy API
  • Whats New What's New federal government events Dynamic Authorization data security Data Centric Security Cloud Authorization Attribute Based Access Control API Access Control ABAC101 ABAC 101 ABAC

Featured Posts

  • Enterprise-Authorization-System Business Friday, 15 January 2021Wednesday, 03 February 2021 by Srijith NairModern Enterprise Authorization Management SystemGartner has an interesting article titled Read more...
  • Mastering GDPR and CCPA Compliance with Dynamic Authorization Business Tuesday, 03 November 2020Monday, 18 January 2021 by AxiomaticsMastering GDPR and CCPA Compliance with Dynamic AuthorizationGlobal regulatory legislation is a headache for Read more...

Still have questions?

Send us an email at webinfo@axiomatics.com
Request a Demo

Axiomatics

  • Supplier Code of Conduct
  • Cookie Notice
  • Privacy Policy
  • Working at Axiomatics
  • It’s easy to contact Axiomatics!
  • Get Support
Copyright © 2013 - 2021 Axiomatics. All rights reserved.