Finn Frisch is an information security specialist with more than 25 years of experience in the field of information security. He has held managerial positions at Axiomatics, RSA Security, FoxT and Deloitte Enterprise Risk Services.

End-user or B2B Portal – a business case for API management

Common use case scenarios which the Axiomatics Professional Services Organization (PSO) frequently encounters are customer portals in various shapes and flavors. A common denominator in successful deployments is a structured and efficient approach to API management. 

Continue reading
2496 Hits
1 Comment

Secure your API with an ABAC Powered Infrastructure

Many insurance companies use Attribute Based Access Control (ABAC) solutions to enable partners or clients to directly manage their own information within the insurance company’s infrastructure. In this blog we’ll have a closer look at a typical deployment scenario. 

Continue reading
2183 Hits
0 Comments

Data privacy and protection requirements – obstacles or business enablers?

The global economy fuels constant growth in cross-border data flows. Yet, borders block trade in the cloud as well as on the ground. 

In 2002, e-commerce represented 19% of the total manufacturing revenue in the US. Ten years later, in 2012, its share of total revenue had increased to more than 50%[1]. 

For cross-border transactions, however, a complex patchwork of legal restrictions must be considered which currently hinders the same kind of uptake. The Financial Services in the US saw a 5.2% increase in cross-border trade between 2013 and 2014[2]. Yet, data privacy and protection requirements are seen as a problem according to a survey conducted on behalf of the US International Trade Commission (USITC) last year[3]:

Continue reading
3459 Hits
0 Comments

A technical view of the business case for Attribute Based Access Control (ABAC) - Part 2

This mix of a text and video blog post is a continuation of the discussion in the Part 1 of this blog. We explore criteria that may motivate a switch to externalized authorization management and Attribute Based Access Control (ABAC). Part 1 primarily looked at use cases which do not necessarily motivate a switch to ABAC. In this post we look at a use case that definitely will require ABAC capabilities.

Continue reading
4058 Hits
0 Comments

A technical view of the business case for Attribute Based Access Control (ABAC) - Part 1

In this mix of a text and video blog, divided into a Part 1 and Part 2 respectively, we explore criteria that may motivate a switch to externalized authorization management and Attribute Based Access Control (ABAC). We also look at why a use case would not necessarily motivate such a switch.

Axiomatics has published a white paper on the topic (which can be downloaded here). The paper identifies business challenges addressed by ABAC implementations, such as:

  • Enabling sharing of sensitive data as a prerequisite for efficient collaboration
  • Delegation of permissions to enable rapid but safe financial transactions
  • Flexible authorization management to adapt to new regulatory requirements
Continue reading
4562 Hits
0 Comments