At the 2014 RSA Conference, SearchSecurity Editorial Director Robert Richardson spoke with Dieter Schuller, vice president of sales and business development at Radiant Logic Inc., about attribute-based identity management.
What companies are trying to do, Schuller said, is arrive at fine-grained, attribute-based control over access to sensitive data. "They all want to get there," he said, "but it's really difficult."
One problem, he said, is that all the applications out there today, including those currently being written, approach access from the perspective of roles and groups. But an approach Radiant Logic favors is building groups based on attributes, "so that we can get you into what I would call the hybrid model of attribute-based access control."
"It's not 100% there," Schuller said, "but it gets you close enough in the same way that having a hybrid gets you close enough to having an electric car, to where it starts to become real, and people move there."