Search Results

Definition The PDP, Policy Decision Point, is in charge of evaluating the defined rules. The Policy Decision Point is essentially a policy compiler. The PDP must verify that the specified rules are within the scope of the rule authors authority. The PDP provi...

Dynamic role Enforcement Point Use case example We want to define a policy to restrict access to the Soffid console user's page (MainMenu > Administration > Resources > Users). The users who are assigned to the SOFFID_RRHH role (from this point forward: end...

Role centric Enforcement Point Use case example We want to define a policy to restrict access to the Soffid console role's page (MainMenu > Administration > Resources > Roles). The users who belong to the "enterprise" group as primary group (from this point...

Description In XACML all the attributes are categorized into four main categories: Subjects Resources Actions  Environments A target can contains more than one subject, environment, resource or action or none of them. The target is the way to define...

Description A rule is the most elementary unit of policy. It may exist in isolation only within one of the major actors of the XACML domain. In order to exchange rules between major actors, they must be encapsulated in a policy. A rule can be evaluated on t...

Description Variables are the elements to define functions that may be used througthout the policy. Screen overview Related objects Policy Expressions Standard attributes Variable name: Name to identify the variable. Expressions: Any elemen...

Description Condition represents a Boolean expression that refines the applicability of the rule beyond the predicates implied by its target.  Therefore, it may be absent. Screen overview Related objects Policy Expressions Standard attributes ...

Web Policy Enforcement Point Use case example We want to define a policy to restrict access to some pages of the Soffid console. The users who are assigned to the SOFFID_RRHH role (from this point forward: end-users) will have limitations to access to some ...

Description A PolicySet is a container that can hold other Policies or PolicySets, as well as references to policies found in remote locations. Every PolicySet contains a target and obligations, both can be empty. The target contains the subjects, resou...

Description The policy reference is used to reference a policy element. The reference is made by id of the policy. However, the mechanism for resolving a policy set reference to the corresponding policy  is outside the scope of this specification. Related ob...

Description The policy set reference is used to reference a policy set element. The reference is made by id of the policy set. However, the mechanism for resolving a policy set reference to the corresponding policy set is outside the scope of this specificati...

Description Soffid allows you to manage the OTP devices for each user. That option will be availavle on the User window. You need to query the user on the Users window, click the proper user and go to the OTP devices Tab, here you could manage the OTP devices...

Description Soffid allows to the administrator user, o the user with the proper roles, to configure the default questions that will be displayed to the end-users. Those questions will be the default questions, the end-users could change them and configure oth...

Description XACML defines obligations as actions that have to be returned to the PEP with the PDP response XACML . If the PDP's evaluation is viewed as a tree of rules, policy sets and policies, each of which returns "Permit" or "Deny", then the set of obl...

Description Soffid allows to end-user configure the questions and answers in Soffid console to recover the password when this functionality will be necessary. The option to configure the Questions and Answerr is on My Profile page. At this page, the user cou...

Description The PEP, Policy enforcement point,  is a component of policy-based management, where enforce the policies. It is the component that serves as the gatekeeper to access a digital resource. The PEP gives the PDP, Policy Decision Point, the job of dec...

What is OTP? A one time password (OTP) is a password that is valid for only one login session or transaction, on a computer system or other digital device. The most important advantage addressed by OTPs is that, in contrast to static passwords, they are not ...

What is Reporting? It is the process responsible for collecting data and presenting it in a readable format. These reports can be used to know the status of the applications, to solve possible errors with the data and also to make decisions. Reporting is an ...

Description At the report definitions tab you can add new reports to Soffid Console, and manage the the existing ones. You can create your own reports, you can visit the How to customize Reporting page, or download then from the Standard reports library page...

Steps Once you have installed the Reporting add-on you must follow the following steps: 1. Download the iReport classes from Soffid. 1.1. Open the Reports screen. Main Menu > Administration > Monitoring and reporting > Reports 1.2. Click on the "Reports d...