A Systematic Approach to Implementing Dynamic Authorization using Attribute Based Access Control

“That sounds hard.” Shifting to a new way of managing access control requires a new way of thinking. But the approach is straightforward. This paper will break down the process into digestible, easy-to-implement steps as you switch to a policy-based approach, and upgrade your legacy role-based system.

In RBAC, users are assigned roles and roles assigned permissions. The use of roles and permissions makes access control more manageable. It also provides for a first tangible step towards externalized authorization However, RBAC also suffers from manageability. With the advent of the Internet, APIs, IoT, Big Data, there is an increasing need for finer-grained, context-aware authorization.

RBAC cannot provide access control based on relationships or contextual attributes such as time or location. Consequently, RBAC cannot express real-world access control policies. RBAC simply does not scale to the complexity in today’s IT environments. This is where Attribute Based Access Control (ABAC) comes in.

Other Resources

White Papers
Why traditional IAM solutions are no longer enough
Identity and Access Management (IAM) solutions are an amazing advancement and have saved countless headaches and work hours for today’s IT professionals. Without these solutions,...
White Papers
Evolving from RBAC to next generation ABAC
Enterprises face a rapid expansion of diverse users alongside an influx of applications, devices, APIs, and microservices. The amount of data created and consumed by...
White Papers
KuppingerCole Report – Market Compass: Dynamic Authorization Management
The KuppingerCole Market Compass on Dynamic Authorization Management provides an overview of the product or service offerings in selected market segments. The report has profiled...