Using the Power of Federated Identity and Dynamic Authorization to Streamline Access Control
Today’s large enterprises are looking to achieve better access control management and consistency, along with strong audit control and ease of record keeping and archiving. But the challenges are many:
- These enterprises are often saddled with legacy access control approaches.
- Lines of business have defined their own roles for access.
- Silos in the organization have different models and patterns for managing access control. Some models are conditional, even dynamic, but most are static, hard to scale, insufficient for modern applications and expensive to maintain.
The solution is clear: policy-based access management is needed to service their entire ecosystem, and control how the policies are defined and managed, with structured governance control.
Enterprises are implementing Attribute-Based Access Control (ABAC)—for externalized dynamic authorization that is both policy-based for easier audit and fine-grained enough that it can tackle any business requirement. Along the way, deployment challenges emerge:
- ABAC needs attributes, and attributes are linked to entities/objects and processes that are scattered across all identity and data silos.
- To provide a comprehensive and optimized authorization framework, ABAC policies require a consolidated, normalized directory of attributes.
Radiant Logic’s product, RadiantOne FID, is a federated identity and directory service based on virtualization that supplies policy engines with all the objects, attributes and context they need. Axiomatics’ dynamic authorization suite provides the fastest and most extensive ABAC engine for a policy-based approach to authorization.
Together, they add speed and accuracy to the process, allowing enterprises to take full advantage of ABAC for fast, fine-grained authorization.
Date: Thursday, March 28, 2019
Speakers: Gerry Gebel, VP Business Development, Axiomatics; Wade Ellery, Senior Solutions Architect, Radiant Logic.
Axiomatics is the leading provider of externalized authorization solutions for applications, databases, Big Data, microservices and APIs. Their dynamic authorization suite is a flexible platform that easily integrates with many IAM and API technologies. With customers in the Global Fortune 1000 within sectors with regulatory compliance, privacy and IP concerns (such as healthcare, finance, insurance, manufacturing, the US federal government), Axiomatics’ solutions help protect systems against unauthorized use while enabling secure sharing of information. Axiomatics contributes to the XACML standard and has editorial responsibilities.
Radiant Logic is the market-leading provider of the RadiantOne Federated Identity and Directory Service based on virtualization. Acting as a single “policy information point” (PIP) for Axiomatics’ XACML solutions, RadiantOne puts the “fine-grained” into authorization, bringing together data from multiple silos and creating a single view of user identities and profiles drawn from disparate sources. Because RadiantOne gathers a rich array of user attributes from across the entire identity infrastructure, corporate policies can be smarter and more responsive.