KCOS Logo

Major Use Cases and Capabilities

The top use cases and capabilities that solutions in this market address. Choose your use case for a personalized view on product requirements.

Major Use Cases

The main use cases for PBAM technology adoption and their principal characteristics as observed are listed in the table below:

Authorization in Digital Services

The most popular use case currently is policy-based authorization in digital services, where authorization decisions are externalized to OPA modules or other external components. This allows developers to focus on the business functionality, not requiring them coding own authorization models. Authorization then is controlled by policies that can be defined using the REGO language.

Enterprise-scale Externalization of Authorization

For both traditional environments and digital services, externalizing authorization to PBAM solutions that support multiple applications provides a significant benefit by applying policies consistently across services. In contrast to many OPA approaches that are targeting single digital services, both XACML-based approaches and solutions extending OPA support such enterprise-scale concepts.

JIT Privileged Access

In PAM (Privileged Access Management), just-in-time (JIT) approaches for granting access to privileged users are increasingly popular. These rely on policy-based access controls. While these implementations commonly are proprietary, the market is progressing towards open, standards-based approaches supporting a broader set of use cases.

CIEM (Cloud Infrastructure Entitlement Management)

CIEM is a term for an emerging product category that increasingly is converging with PAM. It adds a focus on service access to resources in dynamic execution environments, in particular IaaS (Infrastructure as a Service). PBA

Central PBAM

Policy-based access controls are common in a wide range of applications and services. Risk- and context-based authentication, FRIP (Fraud Reduction Intelligence Platforms) or firewalls rely on policy-based controls. Integrating policy management and governance across such use cases bears a significant potential for increasing security and governance.