Skip to main content
Advanced Search
Search Terms
Content Type

Exact Matches
Tag Searches
Date Options
Updated after
Updated before
Created after
Created before

Search Results

22 total results found

XACML

XACML eXtensible Access Control Markup Language

XACML
Soffid 3
Addon

Policy reference

XACML Soffid XACML Editor

Description The policy reference is used to reference a policy element. The reference is made by id of the policy. However, the mechanism for resolving a policy set reference to the corresponding policy  is outside the scope of this specification. Related ob...

XACML
Soffid 3

Expressions

XACML Soffid XACML Editor

Description The Expression signifies that an element that extends the ExpressionType and is a member of the Expression substitution group shall appear in its place. The Expression is not used directly in a policy.  Related objects Variables Condition...

Soffid 3
XACML

Policy

XACML Soffid XACML Editor

Description A Policy represents a single access control policy, expressed through a set of Rules. Screen overview Related objects Policy set Target Variables Rules Obligations Standard attributes Policy set Identifier: identify the polic...

XACML
Soffid 3

XACML Editor

XACML Soffid XACML Editor

Description Soffid Console provides a graphical interface, with a hierarchy structure, that allows the management of Policy Decision Points in a easy way. You can create new policy sets, policies, policy set references and policy references. To start you onl...

XACML
Soffid 3

Introduction to XACML

XACML

What is XACML? XACML "eXtensible Access Control Markup Language" is an open standard XML based language. The standard defines a declarative fine-grained, attribute-based access control policy language, an architecture, and a processing model describing how to...

XACML
Soffid 3
Addon

XACML Rule combining algorithm

XACML

Definition The rule-combining algorithm defines a procedure for arriving at an authorization decision given the individual results of evaluation of a set of rules XACML rule combining algorithms is in charge to combine the decisions produced by different...

XACML
Soffid 3

Policy Enforcement Point (PEP)

XACML

Description The PEP, Policy enforcement point,  is a component of policy-based management, where enforce the policies. It is the component that serves as the gatekeeper to access a digital resource. The PEP gives the PDP, Policy Decision Point, the job of dec...

XACML
Soffid 3

Obligations

XACML Soffid XACML Editor

Description XACML defines obligations as actions that have to be returned to the PEP with the PDP response XACML . If the PDP's evaluation is viewed as a tree of rules, policy sets and policies, each of which returns "Permit" or "Deny", then the set of obl...

XACML
Soffid 3

Policy set reference

XACML Soffid XACML Editor

Description The policy set reference is used to reference a policy set element. The reference is made by id of the policy set. However, the mechanism for resolving a policy set reference to the corresponding policy set is outside the scope of this specificati...

XACML
Soffid 3

Policy set

XACML Soffid XACML Editor

Description A PolicySet is a container that can hold other Policies or PolicySets, as well as references to policies found in remote locations. Every PolicySet contains a target and obligations, both can be empty. The target contains the subjects, resou...

XACML
Soffid 3

Soffid XACML Editor

XACML

Soffid XACML Editor

XACML
Soffid 3

Example Web PEP

XACML XACML Examples

Web Policy Enforcement Point Use case example We want to define a policy to restrict access to some pages of the Soffid console. The users who are assigned to the SOFFID_RRHH role (from this point forward: end-users) will have limitations to access to some ...

XACML
Soffid 3
Addon

Conditions

XACML Soffid XACML Editor

Description Condition represents a Boolean expression that refines the applicability of the rule beyond the predicates implied by its target.  Therefore, it may be absent. Screen overview Related objects Policy Expressions Standard attributes ...

XACML
Soffid 3

Variables

XACML Soffid XACML Editor

Description Variables are the elements to define functions that may be used througthout the policy. Screen overview Related objects Policy Expressions Standard attributes Variable name: Name to identify the variable. Expressions: Any elemen...

XACML
Soffid 3

Rules

XACML Soffid XACML Editor

Description A rule is the most elementary unit of policy. It may exist in isolation only within one of the major actors of the XACML domain. In order to exchange rules between major actors, they must be encapsulated in a policy. A rule can be evaluated on t...

XACML
Soffid 3

Target

XACML Soffid XACML Editor

Description In XACML all the attributes are categorized into four main categories: Subjects Resources Actions  Environments A target can contains more than one subject, environment, resource or action or none of them. The target is the way to define...

XACML
Soffid 3

Example Role centric PEP

XACML XACML Examples

Role centric Enforcement Point Use case example We want to define a policy to restrict access to the Soffid console role's page (MainMenu > Administration > Resources > Roles). The users who belong to the "enterprise" group as primary group (from this point...

XACML
Soffid 3
Addon

Example Dynamic role PEP

XACML XACML Examples

Dynamic role Enforcement Point Use case example We want to define a policy to restrict access to the Soffid console user's page (MainMenu > Administration > Resources > Users). The users who are assigned to the SOFFID_RRHH role (from this point forward: end...

Soffid 3
XACML
Addon

Policy Decision Point (PDP)

XACML

Definition The PDP, Policy Decision Point, is in charge of evaluating the defined rules. The Policy Decision Point is essentially a policy compiler. The PDP must verify that the specified rules are within the scope of the rule authors authority. The PDP provi...

XACML
Soffid 3

XACML Examples

XACML

XACML Examples

XACML
Soffid 3

Example Password Vault PEP

XACML XACML Examples

Password Vault Policy Enforcement Point Use case example 1 We want to define a policy to restrict access to the Soffid Password Vault. The users who are assigned to the SOFFID_ADMIN role (from this point forward: end-users) will have limitations to perform ...

Soffid 3
Addon
XACML