Some challenges with Authorization Handling of IT systems

(Business rule management, TCPS)

Our TCPS club on 19th March 2013 dealed with the question how business rules and authorization rules relate to each other? Questions were asked and answered in the keynote speech by Mr. István Ragó CSO of Erstebank Hungary and in a follow-up presentation by Mr. Zoltán Tánczos Jr. from T-Logic.

tcps.logoAnalyzing Authorization-handling of IT systems we concluded that there is an urgent need for standardization and centralization of Authorization rules, as it has happened in the recent past years for Authentication.
Why is this much more difficult for Authorization? Definitely: tools are needed for. The power of TCPS was presented by solving a typical problem of large database implemetations. How can be content sensitive access rights externalized without running into the problem of calling the Authorization rules row by row?

Related news: