Open Source API Gateways and Dynamic Authorization: Working with Kong

APIs are used in almost all modern application projects and are usually tightly coupled with microservices. Securing APIs in different ways is critical and although many API gateways can handle basic security, they usually lack the capability to apply fine-grained policy based authorization. In this session, Jonas Iggbom from Axiomatics shows how Axiomatics operates with […]

Dynamic Authorization for the Apigee API Gateway

One of the most common API gateways in the market that Axiomatics customers work with is Apigee. This gateway comes with built-in capabilities for extending the authorization and with that calling an external authorization service. Apigee also has capabilities to be extended using custom coding/development. Axiomatics and Apigee can be configured to apply authorization on […]

Controlling Access to Business-Critical Data

In this webinar, Axiomatics experts reveal how to use dynamic authorization to secure the content of data stores. Data on its own, in its own silo, has little value. Once collected, centralized, mined, and analyzed, it can reveal many insights about businesses, customers, trends, etc.; but to do so, access needs to be allowed to many […]

Using the Power of Federated Identity and Dynamic Authorization to Streamline Access Control – with Radiant Logic

Enterprises are implementing Attribute-Based Access Control (ABAC) for externalized dynamic authorization that is both policy-based for easier audit and fine-grained enough that it can tackle any business requirement. Along the way, deployment challenges emerge: ABAC needs attributes, and attributes are linked to entities/objects and processes that are scattered across all identity and data silos. To provide […]

Authorization that Scales to the Cloud and Beyond

Companies are leveraging cloud native capabilities such as storage, orchestration, and compute to deliver value to their business; and much of net new application development now takes place in the cloud at a faster pace than ever before. We see the proliferation of more services, more users, and more data which all translate to more […]

Beyond OAuth: Securing APIs with Policies & ABAC

Måns Håkansson gave his presentation on securing APIs with policies and Attribute Based Access Control (ABAC) at this year’s KuppingerCole Cyber Access Summit / Cybersecurity Leadership Summit in Berlin on November 14th, 2018. Attribute Based Access Control (ABAC), OAuth 2.0 and OpenID Connect (OIDC) are complementary standards that can be used individually or in concert […]