Facilitating the spread of knowledge and innovation in professional software development



Choose your language

InfoQ Homepage Access Control Content on InfoQ


RSS Feed
  • Microsoft Launches Azure Active Directory-Based Access Control for Service Bus

    In a recent statement, Microsoft has announced the general availability of Azure Active Directory (AD) based access control for Service Bus, enabling the option to use identities in combination with Role Based Access Control (RBAC) to authenticate against the service’s data endpoints. Moreover, they have also introduced accompanying RBAC roles, providing granular control over granted permissions.

  • AWS Identity and Access Management Gains Tags and Attribute-Based Access Control

    Amazon Web Services (AWS) recently enabled tags for IAM users and roles to ease the management of IAM resources. Notably, this release also includes the ability to embrace attribute-based access control (ABAC) and match AWS resources with IAM principals dynamically to "simplify permissions management at scale".

  • Google Releases New Security Features for Compute Engine: Resource-Level IAM and IAM Conditions

    Google announced two new Cloud Identity and Access Management (IAM) features to help customers manage their security and access control in the Google Compute Engine better. These features are the resource-level IAM to set policies on individual resources, and IAM conditions to grant access based on predefined conditions.

  • AWS Organizations Offers Centralized Policy-Based Account Management

    After a three month preview since re:Invent 2016, Amazon Web Services has recently moved AWS Organizations to general availability. The new service allows to centrally manage multiple AWS accounts within a hierarchy of organizational units and attach service control policies with fine-grained access permissions. AWS Organizations also supersede the formerly separate consolidated billing feature.

  • Fine-Grained Authorization for Java Applications

    A fine-grained authorization system based on XACML specification can increase agility and control in addition to traditional role based access control method of authorizing users based on their roles. Subbu Devulapalli spoke at JavaOne 2010 Conference about standards and deployment models in user authorization. He also discussed best practices when implementing authorization in Java applications.