Externalizing Fine-grained Authorization from Applications

In a recent article published by Sys-Con, Marc Chanliau from Oracle highlighted the mechanics and benefits of externalizing fine-grained authorization policies from applications.

While URL-based coarse-grained authorization can be enforced using conventional web access management solutions, fine-grained authorization decisions are typically enforced at application run-time. For instance, if access to confidential data (such as user’s Social Security Number) is granted to a user only if he meets certain conditions, then those checks are typically performed at run-time. This led to complexities with building security for applications. It also led to a joint evolution of security policies with application logic which negatively impacted developer productivity. In this article, Marc Chanliau explores the need to externalize authorization from applications and then delves into the mechanics of externalizing authorization policies using Entitlement Servers.

Here’s a link to the complete article.

If you’d like to learn more about externalizing authorization from applications, check out the replay of our recent webcast on Oracle Entitlements Server 11g. We also have two additional webcasts coming up which explore the declarative security paradigm and its business benefits.

· Webcast: Demystifying Declarative Security

· Webcast: Declarative Security for Mobile Apps 

Comments:

Thanks for the hint

Enrico

Posted by Enrico on August 01, 2011 at 02:36 PM PDT #

good

Posted by graduationdress on August 01, 2011 at 04:26 PM PDT #

Excellently written article, if only all bloggers offered the same content as you, the internet would be a much better place. Please keep it up!

Posted by wedge anchor on August 01, 2011 at 04:33 PM PDT #

I must say that you are pretty good at blogging and you must need to carry on with this all the time. Keep it up.

Posted by http://www.genesishealthinstitute.com/testosterone.php on September 14, 2012 at 04:36 AM PDT #

Post a Comment:
  • HTML Syntax: NOT allowed
About

Oracle Identity Management is a complete and integrated next-generation identity management platform that provides breakthrough scalability; enables organizations to achieve rapid compliance with regulatory mandates; secures sensitive applications and data regardless of whether they are hosted on-premise or in a cloud; and reduces operational costs. Oracle Identity Management enables secure user access to resources anytime on any device.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
3
4
5
6
7
8
11
12
13
15
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today