"We tried to implement access controls on our Cloud document storage, but found the available solutions were either locked to a specific storage technology or required a ton of resources and time to implement.
Attribute Based Access Control (ABAC) is defined as an access control mechanism that utilizes certain attributes available at the time a request is made to dynamically determine if access should be granted or denied based on a pre-defined access control policy. The most notable benefit of ABAC is an ability to apply an access control policy without prior knowledge of the user, and to apply such policies to an unlimited number of users.
The concept of Attribute Based Access Control has existed for many years, however it has recently gained popularity and is considered a “next generation” authorization model because of the capability to provide dynamic, context-aware security that allows enterprises to achieve efficient regulatory compliance.
Considering the total cost and complexity of an ABAC deployment, including substantial development effort required to modify existing applications, a more efficient method of implementing policy decision points is to use a network-layer deployment such as DataStealth.
DataStealth transparently applies Attribute Based Access Control to existing applications and data flows by inspecting the network traffic as it flows through the solution and dynamically executing access decisions. Every organization has unique requirements, and the flexibility of DataStealth protection policies allow configuration of resources ranging from elements such as web pages or function right down to individual fields in a database table.