March 22, 2023

With an advent of a “work anywhere, anytime” environment, enterprises face a rapid expansion of diverse users alongside an influx of applications, devices, APIs and microservices. Additionally, the amount of data created and consumed by these users, devices and services continues to explode, creating extraordinary security and compliance challenges.

RBAC limitations

Formalized by NIST in 1992, role-based access control (RBAC) has long been a standard approach to managing access to critical assets and data, particularly for enterprises managing more than 500 employees. However, to ensure secure access, enterprises can no longer afford to define authorization policies based solely on a user’s role.

Axiomatics has identified four limitations to an RBAC-centric security approach and suggests enterprises evolve their RBAC model to an attribute-based access control (ABAC) model. ABAC is recognized by NIST as a model that can “improve information sharing within organizations and between organizations while maintaining control of that information,” and is at the core of modern security approaches, including zero trust.

Four RBAC limitations

  1. Role explosion
  2. Toxic combinations
  3. Management nightmares
  4. No context

ABAC is the future of access control

Attribute-based access control (ABAC) is an authorization strategy that defines permissions based on attributes. creating a single ABAC policy or small set of policies for all IAM principals. ABAC is helpful in environments that are growing rapidly and helps with situations where policy management becomes cumbersome.

ABAC Advantage

  1. ABAC adds context
  2. ABAC permissions scale with innovation.
  3. ABAC requires fewer policies.
  4. Using ABAC, teams can change and grow quickly
  5. Granular permissions are possible using ABAC.
  6. Use employee attributes from your corporate directory with ABAC.

By evolving RBAC with ABAC, administrators provide well-rounded access control that builds on RBAC while harnessing ABAC’s context to address today’s requirements and future needs

Tags:

Leave a Reply

You may have missed

Google blocks Pinduoduo App amid Security Concerns

Google blocks Pinduoduo App amid Security Concerns

March 22, 2023
Mandiant Report – Nation State Zero Day Exploits in 2022

Mandiant Report – Nation State Zero Day Exploits in 2022

March 22, 2023
Mispadu Banking Trojan

Mispadu Banking Trojan

March 22, 2023
DotRunpeX – Malware Injector Spreads in Wild

DotRunpeX – Malware Injector Spreads in Wild

March 21, 2023
Killnet Targets Healthcare Azure Resources

Killnet Targets Healthcare Azure Resources

March 21, 2023
NBA suffers a Data Breach – Third Party Provider Data Stolen

NBA suffers a Data Breach – Third Party Provider Data Stolen

March 21, 2023
%d bloggers like this: