With the de-perimiterization of the enterprise, the modern enterprise has already become entitlement-based; we in the security industry just haven’t caught up with this yet. And unless our tools catch up with this change, we are going to keep burdening our customers with costly integration and compliance burdens. Entitlements is a common language that can help change the way identity is used as the foundation for defining holistic security policies and managing risk in the enterprise. In this talk I gave at an Oracle CSO event, I describe an entitlements-based approach to security
[Talk from an Oracle CSO event in 2011 // Associated Blog Post: blog.talkingidentity.com/2011/04/an-entitlement-centric-approach-to-security.html]
