ABAC as code – Applying Modern DevOps to Policy Authoring

A webinar with NTT Data Federal and Axiomatics.

ABAC as code – Applying Modern DevOps to Policy Authoring

All organizations face a range of data security challenges. Federal Agencies are balancing the demands of protecting critical information – sometimes vital to national security – with the need to have quick, effective inter-and intradepartmental communication. The commercial sector, while not dealing with national security issues, faces similar challenges when it comes to keeping information in the right hands.

A DevOps approach to externalized business policy engineering can ensure modern CI/CD processes help IT adoption of access control policy authoring.
This webinar will examine how we treat ABAC (Attribute Based Access Control) policy as code, using the Abbreviated Language for Authorization (ALFA). You will see a demonstration of a realistic service-oriented system with a portal application, multiple API applications written in Java and .Net Core integrated with Axiomatics’ Access Decision Service (ADS). The demonstration will also utilize integration with Radiant Logic’s Federated ID and Okta for SSO. We will illustrate the benefits of treating ABAC policies as code with a demonstration of modern DevOps CI/CD tool chain that will take version-controlled policies and deploy them to the ADS.

This presentation of industry experts will be looking at a range of topics, including:
-Integration of modern systems with portal applications and APIs, integrated with Axiomatics cloud-native PDP
-Best practices of CI/CD processing to deploy Axiomatics policy packages
-Demonstrating policy deployment without changing application code

Our Speakers:
Paul Yu, Solutions Architect Manager, NTT Data Federal
Mike Good, Principal Engineer, NTT Data Federal
Farid Shahlavi, Principal Engineer, NTT Data Federal
Gerry Gebel, President, Axiomatics Federal

Fill out the form below to watch this video

Other Resources

Zero Trust Through Dynamic Authorization And Policy Driven Access
Join experts from KuppingerCole Analysts, Ericom and Axiomatics for an interactive discussion on the role of fine-grained access controls in adopting Zero Trust and how best to address that challenge to meet the needs of a hybrid workforce using cloud-based applications and adopting new ways of working, such as DevOps.
The Convergence of Cloud, DevOps and Access Control
Security experts from industry-leading NTT DATA and Axiomatics are making a deep dive into migrating access control to the cloud. Follow the demonstration of how to set up a project for containerization using ALFA and Jenkins.
Taking an identity-centric approach to a modern security architecture
Federal agencies invest heavily in protecting data from external threat actors, but the insider threat problem requires a new approach to access control. While protecting data is paramount, that requirement must be balanced with the need to share certain information across a variety of use case scenarios within and across agencies/departments.