Microsoft has introduced a significant feature enhancement to Windows Server 2012, Dynamic Access Control (DAC). This is big upgrade from the access control lists (ACLs) used in previous generations of Windows Server, giving enterprises a richer and more flexible authorization model at their disposal. The new functionality gives enterprises tools to more effectively control access [...]
Archive for the ‘Authorization’ category
« Analyzing Identity home page
XACML and Dynamic Access Control in Windows Server 2012
May 25, 2012Categories: Authorization, Conferences, Uncategorized, Windows Server 2012, XACML
Comments: Be the first to comment
Part One: Software Development Lifecycle (Architecture and Design)
April 5, 2012Last year, James McGovern who previously was in the role of Chief Security Architect for The Hartford and now is the lead Enterprise Architect for HP focused on insurance and I held several discussions (Part 1, Part 2, Part 3) on using entitlements management within the insurance vertical. Now that we are in a new [...]
Categories: Architecture, Authorization, Development, Standards, XACML
Comments: 1 Comment
Part Three: Enterprise Authorization Scenarios with James McGovern
April 6, 2011Here is the third installment in a series of conversations I have had with James McGovern, enterprise architect extraordinaire. In this post, we expand the scope from insurance scenarios to include some broader enterprise contexts for externalized authorization. JM: Over the last couple of years, I have had lots of fascinating conversations with Architects in [...]
Categories: Architecture, Authorization, Standards, XACML
Comments: 2 Comments
Take 3, talking authZ and TOCTOU with Gunnar
March 18, 2011Here is part 3 of a conversation with Gunnar Peterson where we continue talking about externalized authorization, who in the organization is involved in an XACML system deployment – and it even includes a discussion of TOCTOU concerns as it relates to a XACML system. Thanks also to my colleagues, David Brossard and Pablo Giambiagi, for [...]
Categories: Architecture, Authorization, Standards, XACML
Comments: Be the first to comment
Part Two: Insurance Authorization Scenarios with James McGovern
March 2, 2011The conversation with James McGovern continues… here is the next installment in a series of posts on the applicability of XACML-based authorization for the insurance industry: JM: We had a great discussion covering basic entitlement scenarios and how they can be applied to the insurance vertical. Are you ready for some scenarios that are more [...]
Categories: Architecture, Authorization, Standards, XACML
Comments: 2 Comments
Have it your way
March 1, 2011Recent conversations with prospective customers have made me think of the long time Burger King slogan, “have it your way”. For Burger King, it was a way to offer an alternative approach to the one-size-fits-all menu of its competitors – chiefly MacDonalds. In most fast food restaurants, it is difficult to make modifications to your [...]
Categories: Architecture, Authorization
Comments: Be the first to comment
Part One: Insurance Authorization Scenarios with James McGovern
February 16, 2011In my past role of Industry Analyst at Burton Group, I used to have frequent conversations with James McGovern who at the time was in the role of Chief Security Architect for The Hartford and is now a Director with Virtusa where he focuses on Enterprise Architecture and Information Security. Recently, we had a dialog [...]
Categories: Authorization, Standards, XACML
Comments: 2 Comments
Talking authorization with Gunnar Peterson
December 15, 2010Gunnar Peterson and I had a discussion about why authorization should start to receive more attention in the infosec industry. He feels that most infosec pros are over emphasizing authentication and it’s time to look more toward authorization. Since I now work for Axiomatics, I couldn’t agree more . Here is a transcript of the conversation: [...]
Categories: Authorization, Standards, XACML
Comments: 2 Comments
Discussing XACML with Travis
October 6, 2010Travis Spencer (@travisspencer) raised a few issues with XACML and proposed some solutions in a recent blog post. I’d like to take this opportunity to respond in the interest of continuing the conversation. Thanks to my colleagues, Erik, David (@davidjbrossard), and Ludwig for their input. Point 1 – Lack of wire protocol definitions: The industry [...]
Categories: Authorization, Standards, XACML
Comments: 2 Comments
Weighing in on Pull vs. Push
August 20, 2010Bob Blakley certainly hit a nerve with his keynote presentation at Catalyst this year. He had been working on the concepts for his “Pull” identity architecture for some time and it was well received by the audience, sparking a lot of discussion and debate. Since the conference, we’ve witnessed a terrific continuation of the debate [...]
Categories: Authorization
Comments: Be the first to comment
