20 January 2022
Authorization, the process of determining who can access what, has been evolving steadily since the 1980s. Today, flexible, dynamic Policy Based Access Control (PBAC) platforms help secure an ever-increasing volume of data against ever-evolving cyber threats.
Role Based Access Control (RBAC) was introduced in 1992 to address inadequacies in computer security. RBAC creates a role for each organizational function, gives each role permission to access certain resources, and links users to roles.
Roles give RBAC flexibility that Access Control Lists (ACLs) lack. Changes to a role’s permissions automatically update the permissions of each user with that role. If a user changes role, their permissions change with it.
But RBAC still has many drawbacks, among them:
RBAC can’t be amended quickly in emergencies, can’t grant permissions based on time or location, and users may be left with unnecessary permissions. These problems create serious security issues, making compliance with GDPR and other security regulations difficult.
PBAC has the flexibility to be Fine Grained or Coarse Grained: PBAC supports environmental and contextual controls, so policies can be set to grant access to resources at certain times and from certain locations and even evaluate relationships between identities and resources. Policies can be adjusted quickly, and set for given periods of time (for example in response to a breach or other emergency). Groups of users can be added, removed, or amended with ease and obsolete permissions revoked with a click.
PBAC can be coded in any language: PlainID’s Policy Manager has a flexible architecture, so you can code in the language your company prefers, and it also provides an easy-to-use GUI for quickly writing, reviewing, testing and implementing even the most complex access policies. By contrast, XACML, a standardized Attribute Based Access Control language, requires specific coding skills and can’t be used or understood by people who aren’t experienced programmers.
PBAC gives transparency and visibility: Visualising the relationship between the identities and the resources is the first step in setting a strong access management policy. PBAC gives administrators a clear view of who is authorized to do what, across all organizational assets. It also provides full and transparent visibility for compliance with GDPR and other relevant regulations. As a result of its many strengths, PBAC closes security gaps left by RBAC, enhances your cybersecurity and delivers a proactive response to Data and Privacy regulation compliance.
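The contrast drawn above between static role grants and contextual policies, as an added Python example that is not PlainID's code or policy format. The role, resource, network range and dates are constructed sample values, and the `Policy` fields are hypothetical.

```python
from dataclasses import dataclass
from datetime import datetime, time
from ipaddress import ip_address, ip_network

# RBAC: a role maps to a fixed permission set; request context is never consulted.
ROLE_PERMS = {"analyst": {("read", "customer-records")}}  # constructed sample data

def rbac_allows(role, action, resource):
    return (action, resource) in ROLE_PERMS.get(role, set())

@dataclass(frozen=True)
class Policy:
    """One PBAC rule: who, what, and under which context (hypothetical fields)."""
    role: str
    action: str
    resource: str
    hours: tuple           # (start, end) time-of-day window
    network: str           # CIDR the request must originate from
    valid_until: datetime  # rule lapses on its own, e.g. emergency access

    def matches(self, role, action, resource, when, source_ip):
        start, end = self.hours
        return (
            (self.role, self.action, self.resource) == (role, action, resource)
            and when <= self.valid_until
            and start <= when.time() <= end
            and ip_address(source_ip) in ip_network(self.network)
        )

def pbac_allows(policies, role, action, resource, when, source_ip):
    # Deny by default: access needs at least one policy whose every condition holds.
    return any(p.matches(role, action, resource, when, source_ip) for p in policies)

# Constructed policy: analysts read customer records 09:00-17:00 from the office
# network, and the grant lapses at the end of March 2022.
POLICIES = [Policy("analyst", "read", "customer-records",
                   (time(9), time(17)), "10.20.0.0/16", datetime(2022, 3, 31, 23, 59))]
def demo():
    req = ("analyst", "read", "customer-records")
    return {
        "rbac_any_context": rbac_allows(*req),
        "office_hours": pbac_allows(POLICIES, *req, datetime(2022, 2, 1, 10, 30), "10.20.4.7"),
        "after_hours": pbac_allows(POLICIES, *req, datetime(2022, 2, 1, 23, 0), "10.20.4.7"),
        "off_network": pbac_allows(POLICIES, *req, datetime(2022, 2, 1, 10, 30), "203.0.113.9"),
        "expired": pbac_allows(POLICIES, *req, datetime(2022, 4, 5, 10, 30), "10.20.4.7"),
    }

if __name__ == "__main__":
    print(demo())
```

The RBAC check returns the same answer for every request from the role, while the policy check denies the same role after hours, off the office network, and once the grant has expired.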
“Companies that haven’t solved for access control are not only putting themselves at risk -- they are also suboptimizing every dollar of their cybersecurity spend.” - Richard Bird, Forbes Technology Council
RBAC has dominated access control since the 1990s, but it doesn’t suit the needs of today’s fast-paced, diverse, cloud-based environments.
By contrast, PlainID’s PBAC platforms offer contextual, fine-grained access control, comprehensive lifecycle management, zero trust architecture, and total visibility, together with an easy-to-use GUI for writing and managing complex access policies, without code. PBAC offers a proactive approach to compliance and gives the best access control for cybersecurity needs. All this, without interrupting the workflow of legitimate users.