.

Adding Contextual Information to the RBAC Decision

We don’t have to throw the baby out with the bathwater. RBAC has many good aspects that we’d like to preserve. It’s standards-based, meaning various implementations should interoperate. It works, and is already in place, pretty much everywhere. But we’d like to be able to sprinkle in a bit of context, allowing us to fix the role explosion problem, without breaking its interoperability, or bringing in another implementation, with yet another protocol.

No case studies on ABAC?

No case studies on ABAC?

The Symas Blog Keeping our clients up to date on big fixes, helpful tips, and more. Don’t get me wrong, everyone needs at least RBAC, but it has limitations and doesn’t work well with instance data in the authorization expression. This perceived need leads...