Search Results

Upgrade  To upgrade PAM you will need to run two scripts, one for the store and the other for the launcher. Upgrade store To upgrade the storage container you can download and execute the following script: upgrade-store.sh ~/Downloads$ bash ./upgrade-store...

Why PAM? Privileged Account Management (from this point forward: PAM), allows you to manage accounts that are necessary to perform scheduled configuration and maintenance tasks, as well as supervening tasks such as the recovery of a hardware or software failu...

What is XACML? XACML "eXtensible Access Control Markup Language" is an open standard XML based language. The standard defines a declarative fine-grained, attribute-based access control policy language, an architecture, and a processing model describing how to...

Description The policy reference is used to reference a policy element. The reference is made by id of the policy. However, the mechanism for resolving a policy set reference to the corresponding policy  is outside the scope of this specification. Related ob...

Description The policy set reference is used to reference a policy set element. The reference is made by id of the policy set. However, the mechanism for resolving a policy set reference to the corresponding policy set is outside the scope of this specificati...

Description The PEP, Policy enforcement point,  is a component of policy-based management, where enforce the policies. It is the component that serves as the gatekeeper to access a digital resource. The PEP gives the PDP, Policy Decision Point, the job of dec...

Description A PolicySet is a container that can hold other Policies or PolicySets, as well as references to policies found in remote locations. Policy Combining Algorithm Target Obligations Every PolicySet contains a target and obligations, both c...

Description A Policy represents a single access control policy, expressed through a set of Rules. Policy Combining Algorithm Target Variables Rules Obligations Screen overview Related objects Policy set Target Variables Rules Obligatio...

Introduction Once the Jump servers have been installed, following the steps defined on the PAM Jump Server installation page, it will be mandatory to configure the jump servers on the Soffid Console, to do that you can visit the Configure PAM session servers ...

Description XACML defines obligations as actions that have to be returned to the PEP with the PDP response XACML . If the PDP's evaluation is viewed as a tree of rules, policy sets and policies, each of which returns "Permit" or "Deny", then the set of obl...

Description A rule is the most elementary unit of policy. It may exist in isolation only within one of the major actors of the XACML domain. In order to exchange rules between major actors, they must be encapsulated in a policy. A rule can be evaluated on t...

Description Variables are the elements to define functions that may be used througthout the policy. Screen overview Related objects Policy Expressions Standard attributes Variable name: Name to identify the variable. Expressions: Any elemen...

Description Condition represents a Boolean expression that refines the applicability of the rule beyond the predicates implied by its target.  Therefore, it may be absent. Screen overview Related objects Policy Expressions Standard attributes ...

Description Defines to which access requests a policy or rule applies. In XACML all the attributes are categorized into four main categories: Subjects Resources Actions  Environments A target can contains more than one subject, environment, resource...

Description Soffid Console provides a graphical interface, with a hierarchy structure, that allows the management of Policy Decision Points in a easy way. You can create new policy sets, policies, policy set references and policy references. To start you onl...