 Why policy-based authorisation is critical for identity-first securityGal Helemski
Cyber Security: A Peer-Reviewed Journal, 2023, vol. 7, issue 2, 172-180 Abstract: The enterprise perimeter is changing; it is now about data objects, application programming interfaces (APIs), microservices and applications. In this evolving, decentralised and highly segmented world, security and identity access management (IAM) leaders find themselves struggling with a security methodology to address their concerns — specifically to answer the very basic question: Who has access to what and when? Identity-first security is emerging as the most effective way to answer these concerns, by placing identity at the centre of the security design. This paper will cover the ‘why’ of identity-first security, what is important to know and consider, and then the ‘how’ it can be achieved. The paper argues for this methodology and presents detailed flow of why modernised policy-based authorisation is crucial for identity-first security. The paper is directed to security and IAM professionals and leaders who want to learn more about how security and identity are tightly coupled and the way to get there with policy-based authorisations. Keywords: identity-first security; PBAC; policy-based authorisation; authorisation; identity-aware security (search for similar items in EconPapers) Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:aza:csj000:y:2023:v:7:i:2:p:172-180 Access Statistics for this article More articles in Cyber Security: A Peer-Reviewed Journal from Henry Stewart Publications |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.