Does Access Manager enforce centralized security policies of user entitlements by leveraging role- and rule-based access control?
Yes, Access Manager supports role-based access control (RBAC) as established, that is, the assignment and removal of role-based privileges that you can collect in the Policy Store for policy enforcements or SAML assertion exchanges. You can also store the privileges in native stores for policy enforcement by native applications. In addition, you can set rules on roles (users, groups, organizations, resources) and eliminate hard requirements for roles. To better serve Web-based intranets, make policies resource-centric instead of user-centric. For a given resource, you can define who can access that resource and in what way. Out of the box, Access Manager can handle non-Boolean decisions, for example, “What access level is allowed for this user?” Furthermore, you can delegate policy administration to the account holder or a help-desk assistant.
Related Questions
- My company has three branches each of which has its own IT management. Can I delegate bandwidth management and branch specific security policies to each branch IT manager?
- Does Access Manager enforce centralized security policies of user entitlements by leveraging role- and rule-based access control?
- Is it always necessary to configure the Security Manager user account in the CS-MARS database to perform events lookup?