- Define policies using metadata such as classifications.
- Deploy policies to a distributed decisioning layer, usually close to the data. For example, this could be to the data tool’s own internal access control mechanisms.
- Enforce policies to decide whether to allow or deny a specific request. This then happens in the tool for availability and performance.
This active metadata use case builds on the separations of duty popularized by XACML. Defining policies using metadata limits the number of policies required. By deploying policies to separate decisioning layers for enforcement, individual requests can be more efficiently handled.
Active metadata orchestration handles these without manual intervention to set up (and maintain) these different access control forms across systems.
Protect data regardless which tools are used to access it.
Automated key rotations
Automate the rotation of keys used for data store credentials to improve security.
Define access control policies at scale
Make access controls faster and easier to set up.
Security and compliance reporting
Report on interrelated metadata for security or compliance purposes.