Access Control Patterns and Practices with WSO2 Middleware Platform - Thursday, November 14, 2013

  • By Kushlani De Silva
  • 14 Nov, 2013

Access control rules are direct reflections of ever changing business requirements. They need to be.

  • Defined to the point with accuracy.
  • Tested against real data before putting in to production.
  • Governed and monitored properly.
  • Managed & evaluated centrally.
  • Decoupled from the application logic itself.
  • Flexible to change.
  • Scalable.

During this session, Prabath Siriwardena, Director of Security Architecture will explain how to build a common access control platform for your enterprise with WSO2 middleware, adhering to the above properties. He will further deep dive into Role Based Access Control, Attribute Based Access Control, Policy Based Access Control, XACML reference architecture, XACML Hierarchical Resource Profile, XACML multiple decision profile and future trends in XACML.


Prabath Siriwardena
Director, Security
Prabath Siriwardena is WSO2 director of security and was formerly the chair of the integration technologies management committee. He focuses on application security and identity management.He is an Apache Project Management Committee member involved in the Apache Rampart and Axis projects. He also has more than three years of industry experience in Microsoft .NET technologies.