Okera Architecture

Universal Data Authorization

Okera dynamically authorizes and audits every query to comply with data security and privacy regulations. Okera integrates seamlessly into your infrastructure – in the cloud, on-premise, and with cloud-native and legacy tools.

Universal Policy Management

Simplify and standardize powerful fine-grained access control policies. Write once, apply everywhere.

Dynamic Policy Authorization

Enforce sophisticated data security and privacy policies for every data access request at run-time. Filter, hide, mask, and tokenize sensitive data as queried.

Data Usage Intelligence

Accelerate compliance reporting and discover and remediate inappropriate data usage. Know who has access to sensitive data, and how and when they used it.

FGAC

Provision and restrict access to data at the column, row, and cell level with conditional logic in order to comply with data security mandates and privacy regulation.

RBAC and ABAC

Simplify and generalize policies based on common user roles with Role-Based Access Control (RBAC). Define rich policies leveraging metadata, user attributes, and real-time context with Attribute-Based Access Control (ABAC) in order to scale policy enforcement over time.

Distributed Stewardship

Administrators configure the platform and set global data policy. Data registration and policy management can be delegated to the business domain stewards.

Universal Client & Programmatic Access

Okera provides native client libraries, a BI Gateway for JDBC/ODBC connectivity, and a REST API for programmatic enforcement requests

Push-Down Policy Enforcement

For high-performing systems, Okera intercepts the query, rewrites it (masking, tokenization, etc), then pushes the authorized query down to the underlying data source for the fastest possible query performance.

Scale Policy Enforcement

Isolate direct data access with Okera nScale™ so public cloud compute frameworks only work with authorized data. On-cluster co-location delivers speed and elastic scalability.

Authentication

Authenticate every request in real time, integrated with enterprise authentication and Single Sign-On (SSO) solutions: oAuth, SAML (Okta, Ping), Microsoft Active Directory, and more.

Active Metadata Registry

Keep authorization policies up-to-date with real-time user and data attributes. Integrate with your identity access management system and enterprise data catalog, and/or use Okera’s ML-powered data discovery to automatically detect and tag sensitive data.

Automation and APIs

Leverage Python, Java, and REST APIs for custom integrations and enterprise workflow automation.

Request a demo

Request a demo

See how Okera can accelerate your data journey

Book now

Datasheet

Datasheet

Use Data Responsibly with Universal Data Authorization

Download

Okera

Okera

GDPR Ready Architecture

Explore

Webinar on demand

Webinar on demand

Scaling Data Access and Governance

Register and watch

Okera Integrations

Visit Okera.com for more details

Google Cloud Platform

Google Cloud Platform

Snowflake

Snowflake

Azure

Azure

Amazon EMR

Amazon EMR

AWS

AWS