
Running Head: PBAC

Access Control

Name

Institution

Date
Access Control

According to the PlainID case, Policy-Based Access Control (PBAC) is a hybrid of the ABAC and RBAC models (PlainID, 2019). Such a blend underscores an innovative approach to access management. Specifically, the principle involves a change from simple access control lists and RBAC to a distinctly flexible system that controls access by evaluating attributes. The evolution implies a separation of the management of access control code from the application development process. It minimizes the need to modify application code following a change in business, regulations, or internal operations. Thus, PBAC sets forth a centralized procedure for creating policies that regulate system access, and it allows firms to comply with complex regulations in an evolving and demanding regulatory environment.

Also, unlike earlier access control models, PBAC involves a multi-dimensional technique that eases management control (PlainID, 2019). Specifically, through its use of attributes and policies, the system curbs role explosion, improves scalability, allows linkages, and externalizes authorization. Externalized authorization keeps the method simple, because one's application code is less cluttered with security directives. Outsourcing tasks to an external service should involve some consideration of the tradeoffs, yet the advantages outweigh the limitations. The system is very straightforward for a developer: all one has to do is send a combination of attributes to the authorization service and then handle the permit/deny response. Similarly, externalized authorization is a vital complement to authentication, and firms can adopt more robust credentials for access to critical or sensitive data.

Similarly, dynamic access control, coupled with ABAC, offers a clear view and control of access (PlainID, 2019). The system allows one to permit or restrict user access to resources and transactions on the basis of multiple relevant factors. As the case suggests, renowned enterprises such as Global Bank are using the system to govern access to applications, Application Programming Interfaces, databases, and big data. Correspondingly, the system ensures that one has the critical context for making proper authorization decisions. For instance, the externalized authorization service can link to almost any data source that provides extra user or resource context. One can rely on relevant parties, including system administrators or security officers, to develop and manage access policies, or one can opt to manage them oneself.

Moreover, PBAC reconciles business and information technology (PlainID, 2019). The approach uses natural language policies that one can quickly analyze and share with auditors and the compliance team, thus closing the loop on access reviews. Likewise, externalized authorization allows a firm's development team to focus on significant initiatives and removes the need to write many additional lines of code to handle sophisticated access requirements. The system's functionality implies that one can ensure that company data is accessible to the appropriate persons, at the right time, for important reasons, and from a suitable location and device. PBAC is becoming the accepted approach for managing access control among enterprises and agencies. If one holds critical or sensitive data that requires protection, one probably has a case for dynamic authorization.
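
The developer workflow described earlier (send attributes, handle the permit/deny response) and the context factors listed above (person, time, location, device) can be sketched as follows. This is an added example, not code from PlainID or from the case study; the `Policy` class, the `decide` and `enforce` functions, the attribute names, and the bank-teller policy are all assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Callable, Mapping

@dataclass(frozen=True)
class Policy:
    name: str
    effect: str                      # "permit" or "deny"
    required: tuple                  # attributes the condition reads
    condition: Callable[[Mapping], bool]

# Constructed policies; in an externalized design these live in the
# authorization service, not in application code.
POLICIES = (
    Policy("deny-unmanaged-device", "deny", ("device_managed",),
           lambda a: a["device_managed"] is False),
    Policy("teller-reads-own-branch-accounts", "permit",
           ("role", "action", "resource_type", "user_branch", "resource_branch", "hour"),
           lambda a: a["role"] == "teller" and a["action"] == "read"
           and a["resource_type"] == "account"
           and a["user_branch"] == a["resource_branch"]
           and 8 <= a["hour"] < 18),
)

# Constructed sample request: the attribute set an application would send.
REQUEST = {"role": "teller", "action": "read", "resource_type": "account",
           "user_branch": "B12", "resource_branch": "B12", "hour": 10,
           "device_managed": True}

def decide(attrs, policies=POLICIES):
    """Decision point: (decision, reason). Deny overrides permit; default is deny."""
    decision, reason = "deny", "default-deny"
    for p in policies:
        missing = [k for k in p.required if k not in attrs]
        if missing:
            if p.effect == "deny":   # cannot rule the deny out: fail closed
                return "deny", f"{p.name}: missing {missing}"
            continue                 # a permit never matches incomplete context
        if p.condition(attrs):
            if p.effect == "deny":
                return "deny", p.name
            decision, reason = "permit", p.name
    return decision, reason

def enforce(attrs):
    """Enforcement point in the application: send attributes, act on the answer."""
    decision, reason = decide(attrs)
    print(f"{decision.upper():6} {reason}")   # decision record for access reviews
    return decision == "permit"
```

Changing who may read accounts means editing `POLICIES`, while `enforce` and the calling application stay untouched; a request that omits an attribute a deny rule depends on is refused rather than waved through.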


Reference(s)

PlainID. (2019). Case Study: Financial Institution evolves from RBAC to Policy Based Access
Control [YouTube Video].
