Posts Tagged ‘entitlements’
Authorization
In which I examine why XACML has failed to live up to my expectations, even if it isn’t dead, which has been the topic of a massive blogosphere battle in recent weeks. Some background I was working with the IT R&D team at Credit Suisse when we provided seed funding[1] for Securent, which was one […]
Filed under: identity, security | Leave a Comment
Tags: access control, ACL, authorisation, authorization, coarse grained, entitlements, fine grained, ldap, ldif, REST, Securent, service, SOA, SOAP, xacml
It’s time for another one of those posts where the purpose is to save me from repeating myself, and also hopefully seed some ideas into the industry. I take inspiration from my recent purchase of some Vibram Five Fingers, which I hope to review here another day. It boils down to this – I see […]
Filed under: identity, security | 1 Comment
Tags: account, audit, break glass, entitlements, idm, portal, provisioning, review, self service, service, system, technical
Why I’m a NAC nonbeliever
I was recently speaking at a conference, and the subject of network access control (NAC) came up. At the time I gave a rather glib answer that ‘it’s not the network that you wish to control access to, but the data and services that wrap it’. That’s been my position for some time, but it’s […]
Filed under: security | 2 Comments
Tags: entitlements, nac, reperimiterisation, reperimiterization, security
I promised a more detailed post about this in my previous one about ERM. This is not intended to be entitlements services 1-01, but there is some necessary preamble to set the scene. Somebody probably ought to write that tutorial, as web search and WikiPedia are unusually unhelpful in this area, but that’s not going […]
Filed under: security | 10 Comments
Tags: authorisation, authorization, directory, entitlements, identity, idm, ldap, ldif, pap, pdp, pep, xacml
Chris Swan's Weblog 