Archive for the ‘Authorization’ category
Part Three: Enterprise Authorization Scenarios with James McGovern
April 6, 2011
Here is the third installment in a series of conversations I have had with James McGovern, enterprise architect extraordinaire. In this post, we expand the scope from insurance scenarios to include some broader enterprise contexts for externalized authorization. JM: Over the last couple of years, I have had lots of fascinating conversations with Architects in [...]
Categories: Architecture, Authorization, Standards, XACML
Take 3, talking authZ and TOCTOU with Gunnar
March 18, 2011
Here is part 3 of a conversation with Gunnar Peterson where we continue talking about externalized authorization and who in the organization is involved in an XACML system deployment. It even includes a discussion of TOCTOU concerns as they relate to an XACML system. Thanks also to my colleagues, David Brossard and Pablo Giambiagi, for [...]
Categories: Architecture, Authorization, Standards, XACML
Part Two: Insurance Authorization Scenarios with James McGovern
March 2, 2011
The conversation with James McGovern continues… here is the next installment in a series of posts on the applicability of XACML-based authorization for the insurance industry: JM: We had a great discussion covering basic entitlement scenarios and how they can be applied to the insurance vertical. Are you ready for some scenarios that are more [...]
Categories: Architecture, Authorization, Standards, XACML
Have it your way
March 1, 2011
Recent conversations with prospective customers have made me think of the longtime Burger King slogan, “have it your way”. For Burger King, it was a way to offer an alternative approach to the one-size-fits-all menu of its competitors – chiefly McDonald's. In most fast food restaurants, it is difficult to make modifications to your [...]
Categories: Architecture, Authorization
Part One: Insurance Authorization Scenarios with James McGovern
February 16, 2011
In my past role as Industry Analyst at Burton Group, I used to have frequent conversations with James McGovern, who at the time was Chief Security Architect for The Hartford and is now a Director with Virtusa, where he focuses on Enterprise Architecture and Information Security. Recently, we had a dialog [...]
Categories: Authorization, Standards, XACML
Talking authorization with Gunnar Peterson
December 15, 2010
Gunnar Peterson and I had a discussion about why authorization should start to receive more attention in the infosec industry. He feels that most infosec pros are overemphasizing authentication and it’s time to look more toward authorization. Since I now work for Axiomatics, I couldn’t agree more. Here is a transcript of the conversation: [...]
Categories: Authorization, Standards, XACML
Comments: 2 Comments
Discussing XACML with Travis
October 6, 2010
Travis Spencer (@travisspencer) raised a few issues with XACML and proposed some solutions in a recent blog post. I’d like to take this opportunity to respond in the interest of continuing the conversation. Thanks to my colleagues, Erik, David (@davidjbrossard), and Ludwig for their input. Point 1 – Lack of wire protocol definitions: The industry [...]
Categories: Authorization, Standards, XACML
Comments: 2 Comments
Weighing in on Pull vs. Push
August 20, 2010
Bob Blakley certainly hit a nerve with his keynote presentation at Catalyst this year. He had been working on the concepts for his “Pull” identity architecture for some time, and it was well received by the audience, sparking a lot of discussion and debate. Since the conference, we’ve witnessed a terrific continuation of the debate [...]
Categories: Authorization
Diagramming XACML Performance
July 14, 2010
In a previous post discussing XACML performance myth-busting, I described several areas in an XACML authorization system where performance issues can be addressed. Since then, my colleague David Brossard created the diagram below to illustrate potential performance bottlenecks. To refresh your memory, here is the issue for each numbered item in the diagram (see the [...]
Categories: Authorization, Performance, XACML
Concordia hosts Authorization Standards Workshop
July 9, 2010
The Concordia Discussion Group is planning another workshop at Burton Catalyst North America, continuing a trend of providing timely and informative events. I have had the pleasure of participating in the past and will provide an update on what is new in XACML 3.0 this time around. XACML 3.0 is drawing ever closer to formal [...]
Categories: Authorization, Standards, Workshop