Authorization:

  • Correct access rights at any time
  • Authorization through RBAC and ABAC
  • Manual and automated management

Authorization through RBAC and ABAC

waave quickly and securely grants and revokes access rights to applications and systems based on roles. If employees change departments, are promoted or leave the company, waave updates their access rights. Access rights can be granted manually in waave using the RBAC method or automatically using the ABAC method.

Simplified authorization thanks to waave

With waave you minimize the administration effort to a minimum, because you no longer have to grant and revoke access rights to the various target systems such as Active Directory, Office 365 and Microsoft Teams individually for each employee account, but can manage them based on roles. In this way, waave automatically assigns the required roles to your employees using the ABAC method, Attribute Based Access Control. Thanks to the RBAC method, Role based Access Control, you still have the option of manually assigning employees to the appropriate role. The ability to combine both methods means that you not only remain flexible, but also retain control. In addition, you always have an overview of the granted access rights.

RBAC: manual administration

Thanks to RBAC, Role Based Access Control, you can manually manage access rights in waave using predefined roles. For this purpose, you can define different roles, which contain the access rights to the target systems. Identities can then be assigned fast and easy to these roles and thus receive the corresponding access rights. If an employee changes his department, is promoted or leaves the company, you can update the access rights based on the roles.

  • Individual definition of roles possible
  • Management through predefined roles
  • Fast and clear management

ABAC: automated administration

Thanks to ABAC, Attribute Based Access Control, waave can automatically manage the roles and therefore grant access rights based on user attributes. This method goes further than RBAC. It is the automated method of RBAC: Roles are assigned based on defined user attributes. These attributes could include “Department” and “Location”. In this case, all employees of the marketing department with the location Switzerland are assigned to the role “Marketing Switzerland“. These attributes can be defined according to your needs. This automated method not only saves you time, but also ensures that access rights are always up-to-date.

  • Attributes can be defined individually
  • Management based on attributes such as location and department
  • Cut effort thanks to automated assignment of access rights
  • Access rights are always up-to-date

Example

You can define a role for all your Marketing employees based in Switzerland.

Using the RBAC method, you can now assign the role “Marketing Switzerland” to all employees of this department.

If you want to automate the administration, you can use the ABAC method: In this case, waave assigns the role automatically based on the attributes “Department” and “Location”.

Once employees have been assigned to the role based on one of the methods, the role then grants access rights to the corresponding target systems, such as the Marketing Share, Microsoft Teams and the CRM solution.