+
  • Category: Access Control 101

Axiomatics Policy Server Evolves with the Cloud

Access Control 101
Axiomatics Policy Server keeps evolving to meet the needs of our customers as they migrate resources to the cloud. Our latest update to the cloud-native...

Stack Overflow: Creating a consistent authorization framework

Access Control 101
How to solve the consistency problem of managing authorization of Single Page Application & .NET Core WebAPI? Question from Stack Overflow User Ishan Akin. We...

Stack Overflow: ABAC vs. RBAC via XACML Policies

ABAC
The Axiomatics technical teams across sales engineering, development and customer relations often engage with the Stack Overflow community to get insights and answers. They also...

Applying Dynamic Authorization to Cloud Technologies

Access Control 101
Is your business preparing to move to the cloud? Or have you already adopted the cloud and are looking for ways to enhance cloud security...

Peer Insights: Wisconsin IAM User Group

Access Control 101
We’re always looking for ways to get involved with local colleagues in the IAM space. In a recent session, we met with some of our...

Going on vacation, how can I implement delegation in XACML?

Access Control 101
This use case happens in many different industries, such as: Banking: account management Healthcare: medical record access There are other types of delegation possible, e.g....

Customer Identity, Contextual Security, and More: What We Learned at Gartner’s 2016 IAM Conference

Access Control 101
This year’s Gartner IAM Conference was full of thoughtful keynotes and a reflection of things to come for IT professionals in 2017. Over 1500 professionals...

How do I use the map function in XACML?

Access Control 101
Some examples of policies are: Managers can view documents in their city Users can edit documents they own Each policy uses attributes. In the examples...

Integrate the CA API Gateway with Axiomatics Policy Server

Access Control 101
As the web constantly evolves, so too do its foundations. Today, the web as we know it is built on web applications, web services, and...

A technical view of the business case for Attribute Based Access Control (ABAC) – Part 2

Access Control 101
Third project management use case Use Case 3 (for the two previous use cases, see Part 1 of this blog) is from a project management...

A technical view of the business case for Attribute Based Access Control (ABAC) – Part 1

Access Control 101
How such high-level business requirements translate to ABAC on a technical level is not always obvious. The blog post series use a sample application to...

Using ALFA Eclipse plugin to author XACML policies – Part 1

Access Control 101
The scenario we will use is that of a car dealership company. In the company, purchase orders are deemed as sensitive resources and hence they...

Using XACML to apply fine-grained access control on Java Servlets with Filters

Access Control 101
XACML Policy Enforcement Points A policy enforcement point (PEP) in the XACML architecture is responsible for: intercepting a business request (e.g. a user web request...

Short introduction to Access Control – Part 2

Access Control 101
XACML standard covers three major parts: Reference Architecture: The standard proposes reference architecture with commonly accepted names for the various entities involved in the architecture....

Short introduction to Access Control – Part 1

Access Control 101
(Short) Story of Access Control Access control can be thought of as a way to selectively restrict access to a specific resource. The actual process...