2243

Techstrong TV: Authorization, access management and identity, Emre Baran | OSS North America 2023

Published by Emre Baran on May 28, 2023
Techstrong TV: Authorization, access management and identity, Emre Baran | OSS North America 2023

As we navigate the evolving landscape of digital security, it's essential to understand the difference between authorization, access management, and identity. How and when we use these terms can shape the path to a more secure digital ecosystem.

In a conversation with Mike Vizard, Emre Baran, the CEO and co-founder of Cerbos, discussed these often misunderstood security concepts. Here's a brief summary of the discussion they had on the topic of authorization.

Unpacking the basics

Emre explained that although often used interchangeably, authorization, access management, and identity are distinct aspects of security, each playing a unique role in the broader security architecture.

Identity is all about answering the question, "Who is this?" This is the step where a system verifies who the user claims to be, usually through credentials like usernames and passwords.

Access management, on the other hand, is about defining and implementing who gets access to what resources. This ensures that individuals can access only the resources that they need to do their jobs.

Finally, authorization comes into play when deciding what actions a verified user can perform on a particular resource. Authorization is the last gatekeeper, ensuring users don't perform actions outside of their permitted boundaries.

Deep dive into authorization

Emre offered insights into the importance of this area of security. He emphasized that an effective authorization policy should not only protect sensitive resources but also be flexible enough to accommodate various needs and situations.

"Authorization is not a one-size-fits-all... Different contexts require different permissions. The more granular the authorization process, the more secure and personalized the user experience."

Emre also discussed the evolving challenges in the world of digital security. With rapidly changing technology and ever-increasing data breaches, organizations need to adopt an authorization approach that is both comprehensive and adaptable.

Full interview

Watch the recording of the entire conversation here to gain an even deeper understanding of the role that authorization plays in creating a safer digital environment.

Stay informed. Stay secure.

PRESENTATION

Book a free Policy Workshop to discuss your requirements and get your first policy written by the Cerbos team

Related Articles

The Scripting Den podcast: Exploring the evolution of security post-MVP | Cerbos

The Scripting Den podcast: Exploring the evolution of security post-MVP | Cerbos

Alex Olivier on April 21, 2024
PRESENTATION
GUIDE
The Business of Open Source podcast: From open source to enterprise, Alex Olivier on Cerbos' evolution

The Business of Open Source podcast: From open source to enterprise, Alex Olivier on Cerbos' evolution

Alex Olivier on April 14, 2024
PRESENTATION
GUIDE
Revolutionizing access control with Cerbos | Chris Chinchilla

Revolutionizing access control with Cerbos | Chris Chinchilla

Alex Olivier on April 02, 2024
PRESENTATION
GUIDE
We use cookies and other forms of website navigational information to offer you a better browsing experience, analyze site traffic, personalize content, and serve targeted ads. Read about how we use cookies in our Privacy Policy. If you continue to use this site, you consent to our use of cookies.