An Intellyx Brain Candy Brief
Authorization is essentially an unsolved problem in computing. Partial solutions exist, but it’s still not possible to define in any standard way exactly which data items in a database which people can access or update, for example.
Coarse grained solutions are on the market, but they tend to start with the server side view – in other words, defining a role based access control matrix or a set of permissions associated with a resource such as a file, database, or API.
Pomerium on the other hand starts with the client side view, associating a kind of intent context with the ID to control access for a request. It associates context policies with IDs. It’s not an ID management solution but complements IDMs.
But the proliferation of IDs in the device and agentic world requires an approach to authorization beyond what’s been implemented for traditional human oriented controls.
To meet the new requirement, Pomerium provides a hosted control plane to manage a reverse proxy deployed at the network edge that provides the context and ID awareness at the network level. It’s not a reverse proxy at the perimeter such as a web application firewall (WAF) although there are some similarities to a WAF.
Because Pomerium works at the network level it doesn’t deploy software on personal devices or servers. Instead it associates the context with an ID to control access within the network protocol to the target of each request from a human, agent, or device.
Copyright © Intellyx BV. Intellyx is the change agent industry analysis and advisory firm focused on enterprise transformation. Covering every angle of enterprise IT from mainframes to artificial intelligence, our broad focus across thnologies empowers business executives, IT professionals, and software vendors to leverage disruptive trends to succeed in a dynamic business environment.. No AI was used to produce this article. To be considered for a Brain Candy article, email us at pr@intellyx.com.
