This new white paper provides an in-depth, 60-page overview of authorization and how applications make access decisions. Approaches for externalizing authorization using RBAC, ABAC, and PBAC are discussed and illustrated, highlighting their strengths, weaknesses, and where each performs best. In summary, the paper proposes a methodology dubbed Compliant Access Delivery, which combines the best of RBAC, ABAC, and PBAC with the principles of Zero Trust and Least Privilege.
When executed correctly, this approach automates access assignments, reducing an organization’s attack surface, making it harder for attackers to find privileged credentials, and offering them fewer capabilities to perform malicious activities when they compromise a privileged account.
Provide simple and secure automation and Zero Trust management of identities and their access