The Problems of Decentralized Authorization
Continue Reading July 26th, 2010 Ben Northrop
In a previous post, I laid some of the conceptual groundwork for authorization in the tricky world of SOA. Now, a year older and a year wiser (I hope!), I’d like to swing back around to the topic of authorization, but broaden the scope a bit - talking not just about authorization and SOA, but about authorization and the whole enterprise “ecosystem” (services, applications, user interfaces, etc.).
In this post I’d like to describe the decentralized, “every man for themselves” model of authorization that is most common in organizations, and the problems inherent. In later posts I hope to touch on some possible paths out of this chaos - the XACML standard, the model of pre-determined access control, and attribute services. Here goes…
