Dynamic authorization is the core technology behind the NextLabs platform, in which authorization and access rights to an organization’s network, applications, data, and other sensitive assets are granted dynamically in real-time via attribute-based access control (ABAC) policies. Dynamic authorization is a technology in which authorization and access rights to an organization’s network, applications, data, or other sensitive assets are granted dynamically in real-time using attribute-based rules and policies. As such, it is a core element of any organization’s implementation of Zero Trust Architecture (ZTA).
With traditional Role-Based Access Control (RBAC), or list-based authorization systems, administrators need to constantly monitor and reassess changes in user status, reassign and revoke roles, or even monitor and reassign permissions on individual files or records. This can be very resource intensive, and as organizations grow it does not scale well and can lead to role explosion.
With dynamic authorization systems driving by ABAC policies, in contrast, access to data is granted or denied in real-time by policy according to variables, such as the latest user status, data classifications, and environment information. A Dynamic Authorization Policy Engine, like the one at the core of the NextLabs platform, allows security administrators to define a small number of policies that will always be up to date, because the variables used in policy are evaluated at the time of the authorization request. Policies can be designed in such a way that they cover many different combinations of attributes.