Authorisation PDP
The PDP component implements OASIS XACML 3.0 standard which allows to implement RBAC and ABAC authorisation models within the platform.
The component provides a set of functionalities that can be grouped as follows:
Domain management system: It manages different domains for supporting multiple companies and environments.
Policy management system: It allows the creation, and management of authorisation policies for different domains.
Decision system: It manages the engine to take authorisation decisions.
These features are accessible via REST.
Integration of the most advanced authorization model XACML 3.0
PDP component allows to take decision based on roles and/or attributes or other criteria.
Flexible by design
The use of XACML allows to evolve the system to future and challenging environments.
Integration of authorisation mechanisms in future applications
The multitenant capability represents an advantage for applications when implementing security features, delegating this technology to PDP.
Extendable to use more modern format technologies
Security policies can be translated and processed in modern formats such as JSON.
Additional ressources
Learn more about i4FS by visting the project website for general information, the wiki for information about the core components, the Technical Manual for API documentation, and downloading the repository’s source code.