What is Attribute Based Access Control?

Protect Critical Assets and Enable Information Sharing What is Attribute Based Access Control? Access control has gone beyond simply need-to-know to include need-to-share authorization. Traditionally, the focus of authorization and access control has been on building barriers to sensitive data and only making it available to a select few. But that’s changed as companies want […]

How ABAC fits into an IAM Framework

IAM teams are finding that Attribute Based Access Control is key to meeting regulatory and compliance requirements. ABAC is an access control approach that is recommended by NIST and discussed in their Guide to Attribute Based Access Control (ABAC) Definition and Considerations (NIST Special Publication 800-162) document. With ABAC, the use of subject, environment, and […]

The Basics of Attribute Based Access Control (ABAC)

Traditionally, the focus of authorization and access control has been on building barriers to sensitive data and only making it available to a select few. But that’s changed as companies want to get more from their data and make it really work for them. Authorization is now about facilitating user access to the right data […]

Data-centric Security for Pharmaceuticals – Executive Summary

Providing the right stakeholders with unobstructed access to sensitive data is essential in any industry. Within the pharmaceutical and biotech industries, inefficient data sharing and collaboration slow down the research process and delay the launch of new products. However implementing an effective data share approach can be extremely complex through a combination of business, security, privacy and regulatory […]

Axiomatics Primer: OAuth and OpenID Connect

Learn how to approach applying Externalized Dynamic Authorization to an API and/or microservices architecture that uses OAuth 2.0 flows and/or OpenID Connect (OIDC), with this Axiomatics Primer on the basics of OAuth and OpenID Connect.

Why Externalized Authorization? (for Federal Government)

“What will my organization gain from externalized authorization?” It’s a question our team hears often. Axiomatics understands our dynamic world that requires organizations to be more responsive. Typically, information and application access policies are hard coded into the application. That requires many months of coding efforts and man hours to make any policy changes, which no […]