Rules
Description
A rule is the most elementary unit of policy. It may exist in isolation only within one of the major actors of the XACML domain. In order to exchange rules between major actors, they must be encapsulated in a policy. A rule can be evaluated on the basis of its contents.
A rule is composed by a target, an effect and a condition. It is able to add more than one rule to the policy.
Screen overview
Custom attributes
- Rule: rule name.
- Description: brief description of the rule.
- Effect: "Rule effect declaration. When a rule evaluates to ‘True’ it emits the value of the Effect attribute. This value is then combined with the Effect values of other rules according to the rule combining algorithm."Two values are allowed:
- Permit.
- Deny.
- Target
- Conditions
Actions
Add new |
Allows you to add a new rule to the rules list. To add a new rule you need to click the add button, located at the end of the header and fulfill the form and save the data. |
Delete |
Allows you to delete a rule to the rules list. To delete the rule, you need to click the rule you want to delete, and click the button with the subtraction symbol (-) at the end of the record. To perform that action, Soffid will ask you for confirmation, you could confirm or cancel the operation. |
Close |
Allows you to save the data of a new rule or to update the data of a specific variable. To save the data it will be mandatory to fill in the required fields |
Undo |
Allows you to quit without applying any changes. |
https://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-core-spec-os.pdf