Part 2: OAuth Scopes May Not be Enough This is a multi-part series of articles describing why and how one can approach applying Externalized Dynamic Authorization to an API and/or microservices architecture that uses OAuth 2.0 flows and/or OpenID Connect (OIDC). Externalized Dynamic Authorization
The big data landscape is, not surprisingly, big. Matt Turck’s excellent blog (mattturck.com) has good coverage on the development in this area and captures how much the landscape has grown over the past few years. The figure below, created by Turck, captures the vendors in the Big Data
Big data is one of the “big” industry trends that is challenging enterprises these days, especially from a data security perspective. Thanks to the explosion of Big Data, the Internet of Things (IoT), and global mobilization, the way companies use, collect, store and process data has changed
In a previous blog post we discussed how the Axiomatics Data Access Filter for Multiple Databases lets you define and enforce fine-grained, policy-based access control on data at the time it's inserted into the database. This ability is fundamental if you want to provide any
Database access control is not only about controlling who can read the data, but also about making sure that the right people get to generate it. You may say that they are two sides of the same coin. It’s not only important to restrict how data is extracted from the database. You need to make
This post explains how to apply fine-grained dynamic data masking using the Axiomatics Data Access Filter MD (for Multiple Databases), while minimizing changes to applications that consume the data. When fine-grained dynamic data masking must also preserve referential integrity and value format.
In a previous blog post Andrew Hindle discussed the difference between Data Access Filtering and Dynamic Data Masking. This blog post investigates the advantages of combining these two approaches. As of version 1.2, the Axiomatics Data Access Filter for Multiple Databases (ADAF MD) introduces
In 1668, when Thomas Hobbes wrote ‘knowledge is power’* for the first time ever, it is unlikely he was thinking of knowledge in terms of information. Nonetheless the aphorism has kept its weight in the Information Age. For us, knowledge means acquired information, and its power emanates from