Oracle Authors: Yeshim Deniz, Pat Romanski, Michael Bushong, Avi Rosenthal

Blog Feed Post

Going beyond simple authorization - taking context into account

Patrice Goutin from Oracle has written a useful guide to taking context into account for authorization decisions made with Oracle Enterprise Gateway (OEG) and Oracle Entitlements Server (OES). He uses the example of an art gallery which takes each employee's experience into account when allowing them to handle certain paintings. This goes beyond a simple authorization rule ("this employee can do this, this other employee can do that") or even Role-Based Access Control (where you'd have to assign employees to roles). Context is important. Other examples of contextual decisions, which you can also implement using OEG and OES, include controlling access to services based on where a client connects from, or what device they are using.

Read the original blog entry...

More Stories By Mark O'Neill

Mark O'Neill is VP Innovation at Axway - API and Identity. Previously he was CTO and co-founder at Vordel, which was acquired by Axway. A regular speaker at industry conferences and a contributor to SOA World Magazine and Cloud Computing Journal, Mark holds a degree in mathematics and psychology from Trinity College Dublin and graduate qualifications in neural network programming from Oxford University.