Separating Authorization Logic from Apps

For any business in the Fortune 1000 – such as health care, insurance, banking, pharmaceuticals and manufacturing – the need to shift beyond legacy role-based access control models becomes more immediate with every data breach. There’s one trend that’s crossing industries – separating hard-coded authorization logic from applications: externalizing authorization and using a policy-based approach […]

The Identity & Access Management (R)evolution

Ready to evolve your access control to meet new complexities? Many organizations are currently striving to develop new strategies in their IAM vision and roadmap planning. While investments that are already in place need to be leveraged, organizations look for IAM capabilities that will make them more agile and responsive to change requests. This paper […]

Shifting to Attribute Based Access Control

No longer is a company’s data restricted by the boundaries imposed by physical office space and a local area network. Data sharing and collaboration transcend organizational borders and older models of access control cannot keep pace. They simply fail, and often with disastrous results. The static assignment of user permissions either directly or by way […]

Getting Started With ABAC

Implementation of an Attribute Based Access Control (ABAC) system is accomplished by the completion of three main task groups: Policy Modeling Attribute Sourcing Application Integration By orchestrating these three activities, organizations can effectively deploy an ABAC system and begin taking advantage of a more secure, flexible and business-driven approach to data sharing, to securing critical resources, and to […]

Swiss Re – User Permisson Management

The insurance sector is highly regulated. Sensitive information must be protected in compliance with regulations, with as little impact on business as possible. At the same time compliance with regulations has to be proven to auditors. Key to this is managing and enforcing user permissions to information. However, in many organizations legacy IT systems and […]