Announcing AuthZEN – the next iteration in authorization standards

Many of you will be familiar with Randall Munroe’s fantastic xkcd cartoon site. He’s even got a strip for what I’m going to talk about… Standards. I’d been a member and editor of the XACML Technical Committee for about a decade until I decided to move on to the world of Consumer Identity (CIAM) before returning a few months ago to my first love. In the time I was away, new standards emerged (Rego, Oso, Cedar, Zanzibar) and so it felt about time I hopped onto the standardization bandwagon again to promote and streamline authorization. Lo and behold, AuthZEN. My peers Atul Tulshibagwale (SGNL) and Omri Gazitt (Aserto) gave this excellent presentation on the goals of the AuthZEN WG at […]

What is a XACML target?

Today’s Friday, the weather has been amazingly nice these past few weeks in Stockholm which is all the more surprising since September is on the slope down to darker, wetter, and colder days. The weekend ahead looks promising. I’ll be heading out to fellow colleague, Andreas’ summer house out in the archipelago. But before I walk out the door, I thought I’d share a bit of XACML know-how to chew on over the next couple of days. In the training sessions we regularly give at Axiomatics, attendees often ask what a target is.

XACML Target Definition

A target is an element of the XACML policy language. It can occur in policy sets, policies, and rules. The target is used to […]

Coarse-grained vs. fine-grained access control – part I

A few weeks ago, Baljinder Wadhwa, a consultant at HP, started an interesting thread on coarse-grained vs. fine-grained access control trying to figure out what the differences were between the two. His question generated a high level of great answers that went in different directions. This post aims at summarizing those answers, bringing in my own view, and producing a structured answer to Baljinder’s question. Here goes…

Vocabulary definition

Coarse: (1) composed of relatively large parts or particles <coarse sand> (2) loose or rough in texture <coarse cloth>

Fine: (1) very thin in gauge or texture (2) not coarse <fine sand> (3) very small (4) keen <a knife with a fine edge> (5) very precise […]

Access Control (or the lack thereof) in literature: how not to implement border control…

I have started reading Hemingway’s masterpiece “Fiesta, the sun also rises” during my commute to/from work. Apart from being an interesting insight into post-war Europe, it also gave a brilliant example of access control being overturned…

Just then an old man with long, sunburned hair and beard, and clothes that looked as though they were made of gunny-sacking, came striding up to the bridge. He was carrying a long staff, and he had a kid slung on his back, tied by the four legs, the head hanging down. The carabineer waved him back with his sword. The man turned without saying anything, and started back up the white road into Spain. “What’s the matter with the old one?” I […]