Modern digital sites and applications — be they on web, mobile, or IoT devices — offer customers a variety of different experiences, services, and data. Janrain Advanced Policy Manager, which can be used with Janrain’s or most other CIAM solutions, makes it easy and efficient to centrally control who has access to what, across all your sites, inside and outside your organization. Access policies for content behind paywalls, restrictions for certain ages, user types, regions or similar criteria can easily be defined, enforced, and managed.
In today’s increasingly connected world, organizations strive to deliver more and better digital experiences, collecting and managing more customer data than ever before. As online properties become more sophisticated, the complexity of managing trust and access in real-time is growing as well. Deciding who can do what is not an easy task.
For modern online properties, it is not enough to authenticate customers’ identities; brands must also determine if they are authorized to use certain services or access certain data. For example, subscribers of an online news publication need to be authenticated upon login, but access to basic or premium content is granted based on which subscription customers have purchased. The subscription level is an attribute of the customer profile, and access is controlled based on this attribute.
Today’s access control requirements can involve complex rules and decision factors:
Gartner predicts that attribute-based access control (ABAC) will be used by 70% of enterprises by 2020, replacing role-based access control (RBAC) as the dominant mechanism to protect critical assets. Janrain Advanced Policy Manager supports this evolution by enabling businesses to handle even the most complex control requirements. It makes access management simple and agile, with policies that are easy to set up and that manage access centrally and across the entire business.
Decision as a service: Trust frameworks for access authorization
Today, access authorization is typically fragmented and distributed across multiple functions within an enterprise, hard-coded into various local applications and implemented using a variety of non-standard techniques and technologies. This disjointed approach makes policy changes cumbersome, costly to implement, hard to document or audit and, most importantly, unsecure and error-prone.
With the Janrain Advanced Policy Manager, brands can easily create and manage business rules that define who is authorized to access a particular website, mobile application, IP-connected device or a specific resource or product, and under what conditions
Policy Administration Point (PAP)
The Advanced Policy Manager is the front-end user interface for business users, providing a powerful policy administration point (PAP) and enabling easy management of authorization policies by non-technical users. Advanced Policy Manager lets you quickly create business rules to define who is authorized to access what resource, and under what conditions.
Policy Decision Point (PDP)
The Authorization Engine analyses each incoming access request and determines whether it should be accepted or denied, based on the business rules set up in the Advanced Policy Manager. Built for high performance and scalability, requests are evaluated in milliseconds, with no perceptible delay to the end user. The Authorization Engine logs every request (accepted or not) to give you a complete audit trail of access requests.
The PDP Framework gives you visibility of policies, rules and access requests in one location, a complete view of who can access what and who has accessed what. It establishes a central governance point for access management using Advanced Policy Manager, centralized proof of compliance, and a valuable source of real-time intelligence for your information security functions, as well as for business intelligence.