As Product Manager, Srijith is responsible for the vision, planning and design around the core products of Axiomatics. Previously he was a Principal Researcher at BT Innovate and Design, looking at security issues related to virtualisation and the cloud based service delivery model.

The Data Access Filter for Multiple Databases just got better.

I'm happy to share that we're ending the year with a release of the Axiomatics Data Access Filter for Multiple Databases. If you're not familiar with this solution, ADAF MD provides the ability to apply an Attribute Based Access Control approach to relational databases, featuring both Dynamic Data Masking and Data Access Filtering to ensure only authorized parties can view data retrieved from databases such as Oracle, IBM DB2, Microsoft SQL Server, or Teradata.

This release adds several technical enhancements for using the product in large-scale deployments. The feature set includes:

  • Multi-table attribute mapping to avoid duplication of XACML attributes and rules in customer's policies when protecting two or more tables.
  • The ability to fetch table definition information from the database when configuring the SQL Filter Service Agent.
  • Support for SQL statements containing synonyms (referred to as aliases in DB2).

This release also adds support for Red Hat Enterprise Linux 7.1 and 7.2 and Teradata 15.10, and also packages the latest version of Axiomatics Policy Server Express Edition.

Read more about ADAF MD here.

You may also enjoy this white pape on next generation data-centric security

 

Continue reading
244 Hits
0 Comments

Security, Dynamic Authorization and the Big Data Landscape

Security, Dynamic Authorization and the Big Data Landscape

The big data landscape is, not surprisingly, big. Matt Turck’s excellent blog (mattturck.com) has good coverage on the development in this area and captures how much the landscape has grown over the past few years. The figure below, created by Turck, captures the vendors in the Big Data landscape, divided by the functional aspects of their products.

Continue reading
1195 Hits
0 Comments

Spring Security and Attribute-Based Access Control

Spring Security, a project in the wider Spring framework, aims to provide an authentication and authorization framework around the core Spring. Having started its life as Acegi Security in 2003 before getting absorbed into the Spring framework, we recently saw the release of version 4 of Spring Security.

Continue reading
1889 Hits
0 Comments

Proving Access Control Compliance and Enabling Access Review Reporting

In April 2016, Axiomatics introduced the Axiomatics Review Manager, a one-of-a-kind access review and reporting tool, that can confirm polices are enforced and compliance is met within dynamic authorization implementations with Axiomatics, that utilize an Attribute Based Access Control model (ABAC).

In this blog post, we provide a more detailed explanation of the need that the Review Manager fills, as well as a glance into the inner-workings of the tool.

Continue reading
1410 Hits
0 Comments

Axiomatics Review Manager: Advanced access audit reporting of sensitive data

From its foundation, Axiomatics has been at the forefront of the authorization and access management technology movement. We have brought to to market solutions that are not only cutting edge, but also solve major issues faced by many large organizations that house and share sensitive information. We continue this drive forward with the launch of Axiomatics Review Manager, a one-of-a-kind access review and reporting tool, that can confirm polices are enforced and compliance is met within the Attribute Based Access Control (ABAC) authorization model.

Continue reading
1505 Hits
0 Comments

PEP SDK for Spring Security

Earlier in the year we introduced the work we have been doing to provide our customers with a easy way to integrate the fine-grained, policy-based authorization capability provided by XACML with the powerful and enterprise-level Spring (Security) framework.

Continue reading
1794 Hits
0 Comments

Using JSON and REST profiles for external authorization

In this blog post we describe how the recent JSON and REST profiles of the XACML standard make it easier to use and to integrate with the externalized authorization services provided by the XACML Policy Decision Point (PDP).

Continue reading
3215 Hits
0 Comments

Announcing ADAF MD support for Teradata and further SQL operation coverage

In late 2013, Axiomatics released a pioneering product, the Axiomatics Data Access Filter (ADAF) that provided powerful, standards-based policy-driven data filtering capability. In 2014 due to enthusiastic demands, we enhanced the product by offering support to multiple databases - Oracle and MS SQL, followed by IBM DB2 in 2015. We further improved the feature set by adding support for policy-driven masking and unmasking capability. This week, I’m happy to share that we’ve improved the functionality further, with the latest release of ADAF MD 1.4, with two new features.

Continue reading
1432 Hits
0 Comments

Integrating XACML into Spring Security

Spring takes away some of the great complexities of JEE and is a more light-weight and agile framework. It enables enterprise-level applications to be built with plain POJOs. But Spring also introduces dependency injection and inversion of control as important vehicles to help meet requirements that are shared across multiple layers in an application. This is especially important from a security perspective since security typically is a cross-cutting concern.

Continue reading
6401 Hits
0 Comments

Getting OWASP Top 10 Right with Dynamic Authorization

This is a joint post with Gunnar Peterson. Gunnar (@oneraindrop) is a Managing Principal at Arctec Group. He focuses on security architecture consulting and training. Experience includes Associate Editor for IEEE Security & Privacy Journal, a contributor to the DHS Build Security In portal on software security, a Microsoft MVP for security, an IANS Research Faculty member, a Securosis Contributing Analyst, and a Visiting Scientist at Carnegie Mellon Software Engineering Institute.

Continue reading
3711 Hits
0 Comments