Welcome to the tag category page for Authorization!
Keycloak is an open-source identity and access management solution that enables single sign-on and is aimed at modern applications and services. It offers features such as user federation, client adapters, an admin console, and an account management console. It implements standard IAM protocols including OAuth 2.0, OpenID, and SAML. Keycloak is under the stewardship of Red Hat as of March 2018 and is used as the upstream project for their RH-SSO product. It comes with a built-in LDAP/AD provider and can federate multiple different LDAP servers in the same realm. Overall, Keycloak is a versatile and flexible IAM tool that can customize various aspects of a product or module.
ZTNA, also known as Zero Trust Network Access, is a security model that implements an adaptive trust model where access to a network or an application is only granted after explicit authorization. It creates an identity- and context-based, logical access boundary around an application or set. It differs from a VPN in that it only provides access to explicitly authorized applications and services, while a VPN provides direct tunneled access to an endpoint on a corporate network. ZTNA is considered better than a VPN because it offers a logical access perimeter and enables micro-segmentation to protect assets outside the traditional perimeter. The ZTNA model offers secure access to the network while leaving applications vulnerable. In contrast, the Zero Trust Application Access (ZTAA) model provides secure application access only after device and user authentication. The difference between ZTNA and SASE is that ZTNA is the enforcement officer that ensures the perimeter is protected at the user level, while SASE is the security framework built from several tools combined.