Consider the following example:
The users (User1 ... User4) access three different applications with different access rights.
- Applications:
- Public Portal: A public web application accessible by anyone without prior authentication.
- Customer Portal: A web application only accessible by known customers and selected administrators.
- Admin Portal: A web application only accessible by selected administrators.
- Users with allowed access (access policy):
Username | Public | Customer | Admin |
---|---|---|---|
User1 | |||
User2 | |||
User3 | |||
User4 |
- This information is stored in Airlock IAM and Airlock Gateway (WAF):
- Airlock IAM as Policy Information Point (PIP)
- Airlock Gateway (WAF) as Access Policy Enforcement Point