Home | Community Forum | Blog

Dynamic Data Protection using Attribute-Based Access Control (ABAC)

NextLabs Articles

Nowadays, data has become a valuable corporate asset of strategic and functional importance. The globalization of supply chains and various organizational consolidations call for a more flexible and agile solution to data protection that allows communication and information sharing. 

The white paper, Dynamic Data Protection using Attribute-Based Access Control (ABAC), discusses the importance of dynamic data protection in relation to Attribute-Based Access Control (ABAC)Starting with the comparison between the mechanisms of Role-Based Access Control (RBAC) and ABAC, this paper elaborates how ABAC offers a more scalable solution to companies in a capricious environment. Applying ABAC, Data Access Enforcer (DAE)NextLabs data access security solution dynamically protects data through data masking, format preserving encryption (FPE), segregation, and data manipulation. Download the white paper to read three use cases of the range of scenarios DAE is suitable for.

Download the White Paper

RBAC vs. ABAC

RBAC is an access control mechanism that assigns multiple access privileges to roles, which is in turn assigned to a user. It is the most used access control method in companies today, but facing today’s dynamic business and digital environment, it lacks flexibility and scalability in data protection and segregation and can easily result in a role explosion. 

In comparison, ABAC offers an alternative approach with more scalability, simplicity, and consistency across applications. It relies on runtime determination of access using predefined policies that evaluate different attributes of the user every time a user attempts to access the data and applications. Nowadays, ABAC has growing popularity among companies looking for more secure and flexible solutions for access control. 

NextLabs Data Access Enforcer (DAE)

Nextlabs DAE provides dynamic data-level security controls and fined-grained data access governance to a variety of applications. Through NextLabs’ patented Dynamic Authorization platform, organizations can leverage attribute-based policy and centralized policy management to improve their security and compliance posture by relying on the three key features of DAE:

  • Dynamic Data Filtering: DAE provides the option to filter data by granting access to view the data only to authorized users with the assigned attributes, such as industry, location, positions, etc.
  • Data Masking: NextLabs DAE supports two types of data masking, Dynamic Data Masking and Format Preserving Encryption (FPE). FPE protects data at rest while Dynamic Data Masking protects data on the fly. FPE obfuscates sensitive information at the database level and data is only decrypted to authorized users, whereas dynamic data masking is applied at the data access level, and masking of data is managed in real-time based on policies.
  • Data Manipulation Controls: DAE also helps organizations to control the authorization of data manipulation at both application layer level and at the database level.
 

Download the white paper to learn more about how NextLabs Data Access Enforcer (DAE) can be used to dynamically protect data using ABAC to ensure that data remains secure through multiple use cases. 

To comment on this post
Login to NextLabs Community

NextLabs seeks to provide helpful resources and easy to digest information on data-centric security related topics. To discuss and share insights on this resource with peers in the data security field, join the NextLabs community.

Zero Trust Data Centric Security

NextLabs® patented dynamic authorization technology and industry leading attribute-based zero trust policy platform helps enterprises identify and protect sensitive data, monitor and control access to the data, and prevent regulatory violations – whether in the cloud or on premises

Grow with confidence

Become an Insider
Request Demo

Quick Links

About NextLabs

NextLabs Community

Contact Us