Over the holiday I caught a flight. If you spend much time at the airport, I hope you take advantage of the TSA PreCheck. It’s marvelous and what a difference in terms of your experience. With the program, you pre-screen so airport personnel instantaneously know the risk you pose. For travelers, the benefits are a less stressful experience with quicker access and improved security.
While not waiting in line, I found myself thinking of the 2020 Gartner IAM Predication: Attributes Are Now "How We Role". According to Gartner by 2020, 70% of businesses will use attribute based access control (ABAC) to protect critical assets.
Gartner recognizes employees, contractors, consultants, suppliers, partners, and the channel need access to enterprise systems. They also need assets like computers, mobile phones, tablets, equipment and materials. Many during their engagement lifecycle also assume multiple roles making Role Based Access Control (RBAC) obsolete, because the practice mostly relies on manual processes for access certification and governance.
Solutions Gartner termed Attribute Based Access Control (ABAC) let you better define access to critical systems and manage assets. ABAC works similar to PreCheck. It lets you apply business rules and leverage workflow to identify risks in business operations. The principles of ABAC apply the same for IT service catalog, user provisioning and request management systems. The application of ABAC separates risks from routine workflow. It allows for the calculation of risk scores and alerts triggered by business rules and workflow automation.
In the 2020 IAM Predications, Gartner goes on to state identity management in the future will include the "Internet of things" meaning whatever people own, share and use on-the-job. ABAC makes the "Internet of things" possible. At the 2011 Gartner IAM Summit, Avatier CEO, Nelson Cicchitto, announced the death of RBAC. In its place, he described "assignment management" or "assignment based access control". ABAC lets you automate and enable self-service user provisioning and group management. It uses data from authoritative sources in conjunction with automated workflow and a business rules engine to make processes more efficient and secure.
ABAC represents the future. Similar to PreCheck, it offers an enhanced user experience while freeing security to focus more attention on real threats. It’s a real win-win for business enablement and IT operations. Best of all, 2020 identity management systems leveraging ABAC are proven and already in product today.
Get the Free KuppingerCole Identity Management Analyst White Paper
Learn the future of identity and access management and the role IT automation and business driven self-service administration play in business performance success. KuppingerCole’s Assignment Management — Think Beyond Access describes the shift in IT operations from tightly controlled identity management processes to workflow enabled administration.