KuppingerCole Executive View Cloudentity Authorization Control Plane

Cloud entity Authorization Control Plane

IT organizations often contend with information from multi-security services located on-premises, cloud, and even multi-cloud environments that can be inconsistent, increasing attack risks if not adequately addressed. Cloud entity Authorization Control Plane offers a contextual dynamic authorization solution that protects APIs intelligently and automatically.

Over the past decade, IT environments have become increasingly complex as organizations grapple with accelerating technology advances. Organizations are increasingly seeking solutions that permit line-of business applications to access corporate data while ensuring access is appropriate, authorized, and adhering to applicable regulation is expected.

Authorization is the act of verifying a user’s entitlements that grant them access to a specific controlled resource. This is often performed within a computer via an internal store of user accounts and entitlements to specific functionality, but such an approach makes it difficult to employ enterprise-wide access control policy management and enforcement. A properly deployed dynamic authorization service takes access control to the next level. It enables enterprises with sensitive data to more finely control access to protected resources, across a variety of use cases.

Dynamic contextual authorization meets many of the demands seen by IT organizations today, such as the need to provide fine-grained access controls over data resources or authorization of data for GDPR compliance purposes, as examples. With more organizations exposing digital services over APIs, there is a growing need to externalize dynamic contextual authorization to APIs across multiple platforms and manage it in a centralized way to ensure compliance. Consider PSD2 and Open Banking use cases that are driven by privacy and demand for API services. Banks will have to provide secure APIs for Third Party Providers (TPPs) and other banks to use. Banks will need to compete more efficiently and protect themselves from a much greater risk of fraud, which dynamic contextual authorization will help mitigate.