Advanced Search
Search Results
49 total results found
Policy Decision Point (PDP)
Definition The PDP, Policy Decision Point, is in charge of evaluating the defined rules. The Policy Decision Point is essentially a policy compiler. The PDP must verify that the specified rules are within the scope of the rule authors authority. The PDP provi...
Example Dynamic role PEP
Dynamic role Enforcement Point Use case example We want to define a policy to restrict access to the Soffid console user's page (MainMenu > Administration > Resources > Users). The users who are assigned to the SOFFID_RRHH role (from this point forward: end...
Example Role centric PEP
Role centric Enforcement Point Use case example We want to define a policy to restrict access to the Soffid console role's page (MainMenu > Administration > Resources > Roles). The users who belong to the "enterprise" group as primary group (from this point...
Target
Description In XACML all the attributes are categorized into four main categories: Subjects Resources Actions Environments A target can contains more than one subject, environment, resource or action or none of them. The target is the way to define...
Rules
Description A rule is the most elementary unit of policy. It may exist in isolation only within one of the major actors of the XACML domain. In order to exchange rules between major actors, they must be encapsulated in a policy. A rule can be evaluated on t...
Variables
Description Variables are the elements to define functions that may be used througthout the policy. Screen overview Related objects Policy Expressions Standard attributes Variable name: Name to identify the variable. Expressions: Any elemen...
Conditions
Description Condition represents a Boolean expression that refines the applicability of the rule beyond the predicates implied by its target. Therefore, it may be absent. Screen overview Related objects Policy Expressions Standard attributes ...
Example Web PEP
Web Policy Enforcement Point Use case example We want to define a policy to restrict access to some pages of the Soffid console. The users who are assigned to the SOFFID_RRHH role (from this point forward: end-users) will have limitations to access to some ...
Policy set
Description A PolicySet is a container that can hold other Policies or PolicySets, as well as references to policies found in remote locations. Every PolicySet contains a target and obligations, both can be empty. The target contains the subjects, resou...
Policy reference
Description The policy reference is used to reference a policy element. The reference is made by id of the policy. However, the mechanism for resolving a policy set reference to the corresponding policy is outside the scope of this specification. Related ob...
Policy set reference
Description The policy set reference is used to reference a policy set element. The reference is made by id of the policy set. However, the mechanism for resolving a policy set reference to the corresponding policy set is outside the scope of this specificati...
Users OTP devices
Description Soffid allows you to manage the OTP devices for each user. That option will be availavle on the User window. You need to query the user on the Users window, click the proper user and go to the OTP devices Tab, here you could manage the OTP devices...
Configure Default questions
Description Soffid allows to the administrator user, o the user with the proper roles, to configure the default questions that will be displayed to the end-users. Those questions will be the default questions, the end-users could change them and configure oth...
Obligations
Description XACML defines obligations as actions that have to be returned to the PEP with the PDP response XACML . If the PDP's evaluation is viewed as a tree of rules, policy sets and policies, each of which returns "Permit" or "Deny", then the set of obl...
Password recovery questions
Description Soffid allows to end-user configure the questions and answers in Soffid console to recover the password when this functionality will be necessary. The option to configure the Questions and Answerr is on My Profile page. At this page, the user cou...
Policy Enforcement Point (PEP)
Description The PEP, Policy enforcement point, is a component of policy-based management, where enforce the policies. It is the component that serves as the gatekeeper to access a digital resource. The PEP gives the PDP, Policy Decision Point, the job of dec...
Introduction to OTP
What is OTP? A one time password (OTP) is a password that is valid for only one login session or transaction, on a computer system or other digital device. The most important advantage addressed by OTPs is that, in contrast to static passwords, they are not ...
Introduction to Reporting
What is Reporting? It is the process responsible for collecting data and presenting it in a readable format. These reports can be used to know the status of the applications, to solve possible errors with the data and also to make decisions. Reporting is an ...
Reports definitions
Description At the report definitions tab you can add new reports to Soffid Console, and manage the the existing ones. You can create your own reports, you can visit the How to customize Reporting page, or download then from the Standard reports library page...
Using iReport
Steps Once you have installed the Reporting add-on you must follow the following steps: 1. Download the iReport classes from Soffid. 1.1. Open the Reports screen. Main Menu > Administration > Monitoring and reporting > Reports 1.2. Click on the "Reports d...