+

The ABAC Advantage According to NIST – What the Guidelines and the Users Have to Say

In this webinar we will discuss the ABAC advantage according to the National Institute for Standards and Technology (NIST).

In 1992 the US National Institute of Standards and Technology (NIST) published a paper on Role Based Access Control (RBAC). For years to come RBAC remained the predominant model for access control and the NIST publications on this topic most certainly influenced this development.

By and by, the limitations of RBAC became more apparent and NIST researchers and analysts have looked at alternatives. In 2009 the Federal Chief Information Officers Council (Federal CIO Council) published its Federal Identity, Credential, and Access Management (FICAM) roadmap and implementation plan with ABAC as the recommended model for access control. The NIST Special Publication 800-162 with guidelines for ABAC broadly discusses the advantages of a shift to ABAC.

In this webinar we will look at the NIST recommendations in the light of our own and our customers’ implementations experiences.

The webinar will cover:

  • The key ABAC advantages according to NIST
  • How they compare with customer experiences
  • How your organization can take advantage of them

Other Resources

Webinars
Zero Trust Through Dynamic Authorization And Policy Driven Access
Join experts from KuppingerCole Analysts, Ericom and Axiomatics for an interactive discussion on the role of fine-grained access controls in adopting Zero Trust and how best to address that challenge to meet the needs of a hybrid workforce using cloud-based applications and adopting new ways of working, such as DevOps.
Webinars
The Convergence of Cloud, DevOps and Access Control
Security experts from industry-leading NTT DATA and Axiomatics are making a deep dive into migrating access control to the cloud. Follow the demonstration of how to set up a project for containerization using ALFA and Jenkins.
Webinars
ABAC as code – Applying Modern DevOps to Policy Authoring
A DevOps approach to externalized business policy engineering can ensure modern CI/CD processes help IT adoption of access control policy authoring.