+
  • Category: Tech

How OAuth is related to Attribute Based Access Control

Tech
What is Authorization? Authorization, also referred to as Access Control, is the process that follows authentication (which checks your identity and ensures that you are...

Zero Trust Network Access Eliminates Wide Network Access Perimeters 

Tech
Network access security is quickly evolving as the amount of data produced by an organization increases. Combine this with the rapid increase of remote working...

Stack Overflow: What’s the difference between policy target and rule target in XACML?

Tech
Are you looking for further clarification in working with XACML? This post originally appeared on Stack Overflow. Question: XACML allows us to specify <Target> tag in...

Protect What Matters Most: The Data — Part 2

Tech
Protect What Matters Most: The Data — Part 2, Data-Centric Security Welcome to Part 2, of Protect What Matters Most: The Data. You can find...

Protect What Matters Most – The Data

Tech
Protect What Matters Most: Fine-grained, Policy-based Authorization for your Data Introduction When I speak to customers about what Axiomatics does (fine-grained, externalized, policy-based access control),...

The Power of Dynamic Data Masking and Dynamic Authorization

Tech
Most modern environments today handle large amounts of data. Typically the data is spread across different data sources such as relational databases or even a...

Stack Exchange: Looking for an Approach to Implement Attribute Based Access Control (ABAC)

Tech
This Q+A originally appeared on Information Security Stack Exchange.  Question: We are looking to implement Attribute-Based Access Control. While we are sold on the philosophy,...

Stack Overflow: MERN Stack Authorization and Authentication

Tech
Are you working with MERN (Mongo, Express, React-redux, Node) and Authorization? This Stack Overflow post details the question at hand, and then how to use...

Authorize Like a Pro with Axiomatics + UMA – Guest Blog Post from Gluu

Tech
Today’s blog post is a post from one of our partners, Gluu. The feature writer is Mike Schwartz. He has been an entrepreneur and identity...

Axiomatics Policy Server Evolves with the Cloud

Access Control 101
Axiomatics Policy Server keeps evolving to meet the needs of our customers as they migrate resources to the cloud. Our latest update to the cloud-native...

Stack Overflow: Creating a consistent authorization framework

Access Control 101
How to solve the consistency problem of managing authorization of Single Page Application & .NET Core WebAPI? Question from Stack Overflow User Ishan Akin. We...

Dynamic Authorization to Redact Data in for the Apigee API Gateway

Tech
Introduction Extending the authorization capabilities of an API Gateway to use fine-grained dynamic authorization with the Axiomatics Policy Server is a common use case. There...

Stack Overflow: ABAC vs. RBAC via XACML Policies

ABAC
The Axiomatics technical teams across sales engineering, development and customer relations often engage with the Stack Overflow community to get insights and answers. They also...

Dynamic Authorization and DevOps

Tech
Dynamic Authorization and DevOps work well together. I’ll give a quick overview of the process and then share a few things specific to Axiomatics dynamic...

Critical Data Security Trends 2019

Business
In case you missed our press release on the Critical Data Security Trends for 2019, we’re sharing the list here on the blog for the...

IDF Connect + Axiomatics Part 2, The integration of SSO/Rest and Attribute Based Access Control

Tech
Recently we introduced you to the exciting new release and integration with IDF Connect (you can read Part 1 of the blog here). In part...

Stack Overflow: Alternatives for Roles/Claims Access Control Systems

Tech
The Axiomatics technical teams across sales engineering, development and customer relations often engage with the Stack Overflow community to get insights and answers. They also...

A Fresh Look at Spring Security Access Control

Spring Security
Today’s blog is a deep dive on various types of access control. I’ll be reviewing the differences between Expression-Based Access Control, Role Based Access Control...

What you need to know: IDF Connect + Axiomatics Partnership

Tech
Our partner, IDF Connect, recently announced an exciting new product release for SSO/Rest™ 3.1, the first stand-alone, Zero Trust Access Management solution designed explicitly for...

Applying Dynamic Authorization to Cloud Technologies

Access Control 101
Is your business preparing to move to the cloud? Or have you already adopted the cloud and are looking for ways to enhance cloud security...

Axiomatics Integrates Dynamic Authorization with Mulesoft Anypoint Platform

Business
We recently announced our partnership with MuleSoft and the new integration with their Anypoint Platform™. Axiomatics now augments existing access control with a customizable API...

The State of the Union of Authorization

Business
A couple months ago, I had the pleasure to talk at the European Identity Conference on a topic that is close to my heart: authorization....

Using the Spring PEP SDK with Spring Boot & Thymeleaf for UI Security

Tech
Overview Axiomatics provides a Policy Enforcement Point (PEP) Software Development Kit (SDK) for Spring Security. We can use this Spring Security SDK to easily restrict...

Intro to Attribute Based Access Control (ABAC)

Business
Access control has gone beyond simply need-to-know to include need-to-share authorization. Traditionally, the focus of authorization and access control has been on building barriers to...

Securing Cloud Infrastructure with Dynamic Authorization

Business
Today, it is imperative for businesses to increase scalability and enable collaboration among development teams to help solve complex challenges, all while cutting down on...

Video Blog: Authorization Made Simple: Secure Applications with ALFA, REST, and JSON

Business
Across industries, businesses are focusing more on their IT departments and developing more applications than ever before. If your team needs to deliver a microservice,...

Axiomatics and Saviynt Partnership Brings Externalized Dynamic Authorization and Identity Governance and Administration Solutions Together

Business
Earlier this week, we announced our partnership with Saviynt, a leading provider of identity governance and cloud security solutions. The partnership allows for the Axiomatics...

The Build vs Buy Decision

Business
Authorization of user access to data and applications is more important than ever – and enterprises are looking to solve this in the best way...

Executive Spotlight: Interview with Erika Boije, VP Engineering at Axiomatics

Business
After more than a decade as a consultant, and then CTO of a mobile payment company, Erika Boije discusses what drew her to Axiomatics and...

The Power of Data Filtering

Tech
We’ve been hearing from our customers about evolving use cases around data-centric security, and the need to closely manage access to data sets – across...

An Opportunity to Rebuild Customer Trust and Ensure Data Loyalty: GDPR

Business
Over the past year, you’ve no doubt been bombarded with news and opinions on the GDPR. “Who will be affected?” “Are you prepared?” “Will the...

Video Blog-Moving Beyond Identity-Based Access Control

Business
Axiomatics’ solutions implement Attribute Based Access Control (ABAC). This means that, when processing an access control request, digital rules can be evaluated to consider the...

IAM: The Glue That Holds It All Together

Business
In a decentralized, decoupled, distributed world, where each (micro) service fends for itself and modules are pieced together to deliver leaner, laser-focused functionality, there is...

Top Federal Government Security Trends for 2018

Business
DevOps, Information Dissemination, Safeguarding Sensitive Data and Data Monitoring Dominate Federal Security Practices in 2018 Secure data sharing remains a challenge among intelligence agencies and...

Applying ABAC to Cloud Technologies

Business
Is your business or agency preparing to migrate to cloud technologies in 2018? Or have you already adopted the cloud and are looking for ways...

They Wrote the Book on ABAC

ABAC
Artech House has just published a book on Attribute Based Access Control, authored by Vincent Hu, David Ferraiolo, Ramaswamy Chandramouli and Richard Kuhn. These names...

Filter Data with Tableau Using Axiomatics SmartGuard for Big Data

Tech
Introduction Tableau offers Business Intelligence (BI) software that is great for generating meaningful graphs and visualizations of data. The software can query many different sources...

How Commercial Off-the-Shelf (COTS) Applications Can be Supported with XACML

Tech
As a Sales Engineer, it’s not uncommon to meet with a customer – or a prospective customer – who, along with securing APIs, microservices, and...

How to Write Authorization Policies for Big Data

Tech
When it comes to securing access to services and data, we see many different use cases and, with that, the enforcement of authorization rules at...

Marking the 10-Year Anniversary of the First XACML Interoperability Demo

Tech
It’s hard to believe, but it’s already been 10 years since I had the honor to host the first ever XACML interoperability demonstration at Burton...

Leveraging Splunk to Aggregate Axiomatics Policy Server Log Data

Tech
Splunk is a Security Information and Event Management (SIEM) tool that can be used to aggregate and analyze security logs. Axiomatics Policy Server (APS) can...

Dynamic Authorization: Separating the Fact from the Fiction

Tech
While it is predicted that “by 2020, 70% of enterprises will use Attribute-Based Access Control (ABAC) to protect critical assets” (Gartner), a lot of confusion...

How Dynamic Authorization Can Support GDPR Compliance

Business
If you missed part 1 or 2 of our GDPR blog series, you can find them here: Part 1: A GDPR Primer: What You Need...

The Convergence of Personalization and Authorization

API
A founder of a former company said something to me as we closed the doors, “I wish I built a tiered subscription model at the...

How can many complex permit rules for the same XACML policy be managed?

Tech
XACML, the eXtensible Access Control Markup Language, is an authorization language that implements Attribute Based Access Control (ABAC). As the name indicates, XACML uses attributes...

Obligations and Advice in XACML part 2

Tech
In a previous blog post ​we discussed the use of XACML obligations and advice. I concluded the post with the cliff hanger: An interesting use...

Custom claims-based authorization in .NET using Axiomatics PEP SDK for .NET

Tech
Implementation of the custom ClaimsAuthorizationManager The custom authorization manager should derive from ClaimsAuthorizationManager and the only method that must be implemented is CheckAccess. As a...