Enterprises are pained by legacy access control approaches. They are looking to achieve better access control management and consistency along with strong audit control and ease of record keeping and archiving. But the challenges are many:
- Lines of business have defined their own roles for access.
- Silos in the organization have different models and patterns for managing access control. Some models are conditional, even dynamic, but most are static, hard to scale, insufficient for modern applications and expensive to maintain.
The solution is clear: policy-based access management is needed to service their entire ecosystem, and control how the policies are defined and managed, with structured governance control.
Enterprises are shifting to Attribute-Based Access Control (ABAC)—for externalized authorization that is both policy-based for easier audit and fine-grained enough that it can tackle any business requirement. Along the way, certain deployment challenges may emerge:
- ABAC needs attributes, and attributes are linked to entities/objects and processes that are scattered across all identity and data silos.
- To provide a comprehensive and optimized authorization framework, ABAC policies require a consolidated, normalized directory of attributes.
Radiant Logic’s product, RadiantOne FID, is a federated identity service based on virtualization that supplies policy engines with all the objects, attributes and context they need. Axiomatics’ dynamic authorization suite provides the fastest and most extensive ABAC engine for a policy-based approach to authorization.
Together, they add speed and accuracy to the process, allowing enterprises to take full advantage of ABAC for fast, fine-grained authorization.
Speakers: Gerry Gebel, VP Business Development, Axiomatics; Wade Ellery, Senior Solutions Architect, Radiant Logic.