Role-based access controls


This article can also be found in the Premium Editorial Download "Information Security magazine: Nine tips to guarding your intellectual property."

Download it now to read this article plus other related content.

Gears Don't Mesh
Where access control needs to become more granular, access control products need to become more flexible, less proprietary and more standardized.

But there's still a lot of work to do, because products that work at the enterprise identity management and access control level are proprietary, for the most part. This means that implementation is expensive because of the customized programming required to integrate the necessary components such as HR database, access control enforcer, identity stores, databases, directories and workflow. This would also mean a forklift replacement if a company decides to change products. (Some companies have decided to develop in-house customized and stove-piped access control solutions. This usually amounts to a never-ending, expensive software development project.)

We should learn from the bind that companies got themselves into when implementing proprietary electronic data interchange (EDI) solutions. Implementa-tion, upgrading and maintenance are all extremely expensive under this approach, and extending functionality or flexibility is cost-prohibitive.

Experience has taught us the benefits of a standard framework that allows for loose coupling of modular components that communicate using standardized protocols and provide standardized APIs.

While some access control products are moving toward the use of standards such as SOAP, XACML, SAML and Web services, as customers, we need to understand

    Requires Free Membership to View

the benefits of these technologies and avoid getting stuck with proprietary solutions that could break existing systems, drain the bottom line and impede dynamic changes as our business needs evolve.

This was first published in May 2007

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: