Most modern environments today handle large amounts of data. Typically the data is spread across different data sources such as relational databases or even a big data system or data lake. And within these massive data stores, therein lies data that is very sensitive and critical to
This Q+A originally appeared on Information Security Stack Exchange. Question: We are looking to implement Attribute-Based Access Control. While we are sold on the philosophy, there are two topics that seem to crop up: Will it lead to significant performance issues? Especially
Are you working with MERN (Mongo, Express, React-redux, Node) and Authorization? This Stack Overflow post details the question at hand, and then how to use dynamic authorization with MERN. It originally appeared on Stack Overflow. Question I am creating a MERN (Mongo, Express, React-redux, Node)
Today's blog post is a post from one of our partners, Gluu. The feature writer is Mike Schwartz. He has been an entrepreneur and identity specialist for more than two decades. He is the technical and business visionary behind Gluu. Mike is an application security expert and has been a
Axiomatics Policy Server keeps evolving to meet the needs of our customers as they migrate resources to the cloud. Our latest update to the cloud-native Policy Decision Point (PDP) makes it compliant with the REST and JSON profiles version 1.1 of the XACML 3.0 standard (version 1.1 was published
How to solve the consistency problem of managing authorization of Single Page Application & .NET Core WebAPI? Question from Stack Overflow User Ishan Akin. We are currently developing a web application that has following architecture. A single page application based on
Introduction Extending the authorization capabilities of an API Gateway to use fine-grained dynamic authorization with the Axiomatics Policy Server is a common use case. There are several different aspects of authorization that are typically applied to API’s: Authorizing whether or not
The Axiomatics technical teams across sales engineering, development and customer relations often engage with the Stack Overflow community to get insights and answers. They also contribute knowledge on access control and dynamic authorization. This question on access control models, asked by
This describes how we can deploy a cloud-native authorization engine facilitated by Attribute Based Access Control (ABAC) as a microservice application in Kubernetes (K8s) environment. We are going to use Google Kubernetes Engine (GKE) but the Kubernetes commands in this blog should also work on
Dynamic Authorization and DevOps work well together. I'll give a quick overview of the process and then share a few things specific to Axiomatics dynamic authorization and the move to DevSecOps. DevOps defines the process between development and IT for efficient collaboration to build, test and
