Why Dynamic Authorization with Attribute Based Access Control?
Traditionally, access control has been based on a user’s identity in terms of roles or groups. This approach is often insufficient to adequately determine whether a user should really gain access to sensitive information. Dynamic authorization is a technology in which authorization and access rights to an organization’s sensitive assets are granted dynamically in real-time based on attribute-based rules and policies. Attribute Based Access Control (ABAC) is a model for securing data and applications based on a wide range of subject attributes (such as user, computer, and application-specific data); environment attributes (such as time, connection type, location, or threat level); and resource attributes (such as data values, classification, or content). Using Dynamic Authorization with ABAC, organizations can create and automate policies using any combination of these attributes which results in more fine-grained decisions – gaining unprecedented flexibility and enhanced security.