top of page

No case studies on ABAC?

Shawn McKinney

Updated: Aug 10, 2021


Don’t get me wrong, everyone needs at least RBAC, but it has limitations and doesn’t work well with instance data in the authorization expression. This perceived need leads me to look for case studies describing large-scale deployments of ABAC.

For example I’d like to read about:

  • A global phone company that controls access to their cellular accounts using ABAC.

  • National retail chain that uses it at the point-of-sale.

  • Multi-national financial institution controlling payments over the Internet.

  • Large medical facility controlling patient data in real-time.

Something with millions of users and thousands of requests a second. I was unsuccessful finding one like that. I did find a few published by vendors, single app usage, low volumes.

Why no case studies? I can speculate it’s because adoption has been disappointing slow.1

FOOTNOTES

113 views0 comments

Recent Posts

See All

The Achilles Heel of LRU Caches

Ever since we released LMDB, our advice to software designers has been "don't do application level caching. Let the kernel handle it for...

Additions and Subtractions

Symas is pleased to announce that its OpenLDAP builds, which have long been available for the x86_64 architecture, are now joined by a...

Comments


bottom of page