
5 misconceptions about a policy-based approach to access control

At its core, a policy-based access control model (also referred to as Attribute-Based Access Control, or “ABAC”) is a concept any developer can understand.

The phrase “access control” refers to application mechanisms that govern what each user can (or can’t) see and do. And a “policy” is a principle, rule, or guideline formulated or adopted by an organization.

While learning the fundamentals of access control and how it helps development teams secure their applications, you may be exposed to some conflicting ideas or even misinformation about policy-based access control and the value of an ABAC-based solution.

Adopting external authorization will impact performance

System performance is a major concern for most teams. As a result, when developers are introduced to the concept of externalized authorization via “a centralized server,” the conversation quickly turns to performance and concerns about further slowing processes. In reality, there is no impact on process efficiency and flow.

ABAC streamlines decision processes so your application code is not overwhelmed with security rules.

For the developer, the interface is very simple: send a package of attributes to the authorization service, then process the permit/deny response.
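The sketch below illustrates that interface. It is an added example, not code from any vendor's product. An in-process function stands in for the authorization service, and the attribute names, the policy rules and the `decide`, `enforce` and `request` helpers are all assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Callable

@dataclass(frozen=True)
class Rule:
    effect: str                        # "Permit" or "Deny"
    condition: Callable[[dict], bool]  # evaluated over the attribute package

# Constructed policy for illustration; attribute names are assumptions.
POLICY = [
    Rule("Deny", lambda a: a["resource"]["classification"] == "restricted"
         and a["subject"]["clearance"] != "high"),
    Rule("Permit", lambda a: a["action"]["id"] == "read"
         and a["subject"]["department"] == a["resource"]["owner_department"]),
]

def decide(attrs: dict) -> str:
    """Stand-in for the authorization service: deny-overrides, default deny."""
    decision = "Deny"
    for rule in POLICY:
        try:
            matched = rule.condition(attrs)
        except (KeyError, TypeError):
            return "Deny"              # a missing attribute can never widen access
        if matched and rule.effect == "Deny":
            return "Deny"
        if matched and rule.effect == "Permit":
            decision = "Permit"
    return decision

def enforce(attrs: dict, pdp: Callable[[dict], str] = decide) -> bool:
    """Application side: grant only on an exact Permit; fail closed otherwise."""
    try:
        return pdp(attrs) == "Permit"
    except Exception:
        return False                   # service error or timeout is treated as Deny

def request(dept, clearance, action, owner, classification) -> dict:
    """Build the attribute package the application sends."""
    return {"subject": {"department": dept, "clearance": clearance},
            "action": {"id": action},
            "resource": {"owner_department": owner, "classification": classification}}

if __name__ == "__main__":
    print(enforce(request("finance", "low", "read", "finance", "internal")))    # True
    print(enforce(request("finance", "low", "read", "finance", "restricted")))  # False
```

The application code contains no security rules of its own: changing who may read what means editing `POLICY`, while `enforce` stays the same.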

Here are five common misconceptions about a policy-based access control model and the value you may be missing.
