Open Policy Agent (OPA) is a powerful open source policy engine that can be used to enforce access control policies in cloud-native applications. OPA is highly flexible and extensible, and it can be used to implement a wide range of authorization policies. In this blog post, we will show how to implement fine-grained access control …
Introduction As Chief Information Officer (CIO) or Customer Identity and Access Management (CIAM) leader, it’s essential to understand the current nature of how organizations collect personal data about their consumers, which includes both direct and indirect methods such as tracking cookies, social media mining, customer surveys, and purchase history analysis. While this wealth of data …
From Data Goldmine to Data Minefield: Navigating the Risks of Personal Data Read More »
April 25, 2023 Introduction As a cybersecurity professional, I’ve seen firsthand how important it is for businesses to have strong customer identity and access management (CIAM) systems in place. These systems allow companies to provide secure access to their products and services, while also protecting their customers’ sensitive information. However, with the rise of sophisticated …
Introduction As a new Chief Information Officer (CIO), you may be tasked with modernizing your organization’s Customer Identity and Access Management (CIAM) program. A key component of this transformation is transitioning towards a product-led approach, which emphasizes customer-centricity, agility, and cross-functional collaboration. In this blog post, we will discuss how a new CIO can engage …
Transforming Your CIAM Program: A New CIO’s Guide to Building a Product-Led Team Read More »
In this article, I’ll discuss the advantages of using graph databases over LDAP for metadata labeling and verification. Verifying identity data, either by using a third-party verification or some internal mechanism, allows you to trust the data you have and use it for potentially higher-risk transactions. That’s where graph databases come in, as they offer …
The Secret Weapon for Identity Management: How Graph Databases Are Changing the Game Read More »
At a major medical center, managing access to sensitive patient health information is a critical concern. To ensure that patient data is protected, the center has implemented a Relationship-Based Access Control (ReBAC) system using Neo4j, which provides a flexible and granular approach to managing access control. The ReBAC system includes four key roles: doctors, patients, …
Harnessing the Power of Verifiable Credentials Welcome to Part 3 of our guide to Modern Consumer Identity and Access Management (CIAM) Platform! In this installment, we’ll be discussing the use cases and industries impacted by decentralized identity and verifiable credentials. Decentralized identity and verifiable credentials have become hot topics in the tech world as they …
A quick demo of OpenAM’s Token Translation Service According to Wikipedia: In a typical usage scenario, a client requests access to a secure software application, often called a relying party. Instead of the application authenticating the client, the client is redirected to an STS. The STS authenticates the client and issues a security token. Finally, …
On average I spend a lot of time opening documents online. One set of documents I refer to frequently is the ForgeRock Technical Document set. While it’s not overly arduous to open a browser tab and click on a bookmark or type in the URL, I have wanted to find a better shortcut for this task. …
A customer needed to ensure that passwords contained at least one ‘special character’ when a new password was created in OpenIDM. I borrowed heavily from the provided samples but had to figure out the correct regexp formatting. Here is the function that I used to implement this: function atLeastXSpecialChars(fullObject, value, params, property) { isRequired = …