
Access Control Architecture

When it comes to building an Access Control System (Identity and Access Management, Entitlement Services, whatever) or selecting one of the vendor solutions in the marketplace, it is critical to understand what a sophisticated Access Control System should comprise and be clear about how each component is implemented. Any missing component could lead to risks and maintenance challenges.

General Architecture

The following is a general-purpose architecture diagram for any access control system.

Central Security Guard

This is a single, central access point for all access channels requesting to access any protected resources. As an analogy, it's like the single entrance to a library building protected by a security guard. You could design a system that has multiple access points - for example, some services provide endpoints directly reachable by access channels, and each service has its own guarding mechanisms in place. However, this approach can lead to security holes, inconsistency, increased costs, and maintenance challenges.

Access Control Decision Engine

An access control decision is made in two processes, with an optional third:

  1. Verify who you are
  2. Check whether you have privileges to access what you are requesting
  3. (Optional): issue a temporary permit once the access is granted

For subsequent accesses, these processes can be replaced by verifying the temporary permit, e.g. an access token.

Authentication Service & Identity Store

The Authentication Service consults the Identity Store (an Active Directory, for example) to verify user credentials, which may include multiple factors (MFA).

Authorization Service & Policy Store

The Authorization Service examines the temporary permit and consults the Policy Store to check all applicable rules in order to make a YES or NO decision. The following diagram depicts a common authorization decision flow.

Information stored in a Policy Store includes:

  1. Resource Identifiers or catalogs and scopes
  2. Role and Policy associations
  3. Access Rules/Conditions
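As an added example (not code from the post), here is a minimal authorization decision in Python that follows the flow above: the temporary permit issued in step 3 is verified first (signature, then expiry), and only then is the Policy Store consulted for resource scopes, role-policy associations and access conditions before returning YES or NO. The signing key, the policy data and every name below are constructed for illustration.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-signing-key"  # hypothetical key held by the decision engine

# Policy Store (constructed sample data): resource catalog with scopes,
# role-to-policy associations, and access rules/conditions per policy.
POLICY_STORE = {
    "resources": {"/reports": ["read", "export"], "/users": ["read", "write"]},
    "role_policies": {
        "analyst": [{"resource": "/reports", "scopes": ["read", "export"],
                     "conditions": {"mfa": True}}],   # export needs MFA-backed login
        "viewer": [{"resource": "/reports", "scopes": ["read"], "conditions": {}}],
    },
}

def issue_permit(subject, roles, mfa, ttl=300, now=None):
    """Step 3: issue a short-lived, HMAC-signed permit after authentication."""
    now = time.time() if now is None else now
    claims = {"sub": subject, "roles": roles, "mfa": mfa, "exp": now + ttl}
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode()).decode()
    sig = hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}.{sig}"

def verify_permit(token, now=None):
    """Examine the permit: reject malformed, tampered or expired tokens (returns None)."""
    now = time.time() if now is None else now
    try:
        body, sig = token.split(".")
    except ValueError:
        return None
    expected = hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig, expected):   # constant-time comparison
        return None
    claims = json.loads(base64.urlsafe_b64decode(body))
    return None if claims["exp"] <= now else claims

def decide(token, resource, scope, now=None):
    """YES only if the permit is valid, the resource/scope is cataloged, and some
    role held by the subject has a policy granting the scope with its conditions met."""
    claims = verify_permit(token, now)
    if claims is None or scope not in POLICY_STORE["resources"].get(resource, []):
        return "NO"   # unknown permit, resource or scope: fail closed
    for role in claims["roles"]:
        for policy in POLICY_STORE["role_policies"].get(role, []):
            if policy["resource"] != resource or scope not in policy["scopes"]:
                continue
            if all(claims.get(k) == v for k, v in policy["conditions"].items()):
                return "YES"
    return "NO"
```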

Administration

This is the component that allows Administrators (via GUI) or Admin App (via APIs) to manage Identity lifecycle, grant or revoke permissions, register or de-register devices, and change policy rules.

Monitoring

All activities should be logged and monitored in real-time with proactive Alerts. Custom Reports can be generated from the logs for analytics and audit purposes.
