I am asked to answer a question, but I can't find such info on the internet, so I created this post. The problem is:
An online paper company decides to give access to its customers depending on their subscription. So the customer reads the news depending on what he has paid for. There are 3 types of subscriptions: Sports, Food and Music. If a post doesn't belong to any of the above subscriptions (categories), then the post is free for everyone. Also, if some post of the online paper describes a local fact, then this post is again free for everyone to read.
a) I have to make a formal presentation of this policy in ABAC.
b) If we have RBAC (Role-Based Access Control), how many roles do we need and what are they?
The only example I have is this:
Basic requirement: access control is based on the user's age and the movies' content ratings (R, PG-13, G)
Advanced requirement: Suppose the store introduces membership classes (Premium, Regular) and would like to enforce a new policy that only Premium users can view New Releases
Basic Policy:
R1: can_access(u,m,e) <–
(Age(u) >= 21 ∧ Rating(m) ∈ {R, PG13, G}) ∨ (21 >= Age(u) >= 13 ∧ Rating(m) ∈ {PG13, G}) ∨ (Age(u) < 13 ∧ Rating(m) ∈ {G})
Advanced Policy:
R2: can_access(u,m,e) <–
(MemberType(u) = 'Premium') ∨ (MemberType(u) = 'Regular' ∧ MovieType(m) ∉ {'NewRelease'})
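As an added worked example (not part of the original post), the following Python encodes both the quoted movie rules R1/R2 and the newspaper policy described above in the same ABAC shape: a rule is a predicate over user attributes, resource attributes and (here unused) environment attributes. The attribute names `Subscriptions(u)`, `Category(p)` and `Local(p)` are my own choice of formalisation, as are the dataclass names and the sample users/posts; the post specifies only the policy in prose. The last function enumerates, for every possible subscription set, which subscription categories the ABAC policy lets that user read, which is the information one needs before deciding how to map the policy onto RBAC roles.

```python
from dataclasses import dataclass, field
from itertools import combinations
from typing import Optional, FrozenSet, Dict

# The three paid categories named in the problem statement.
SUBSCRIPTION_CATEGORIES = frozenset({"Sports", "Food", "Music"})


@dataclass(frozen=True)
class User:
    name: str
    # Subscriptions(u): subset of SUBSCRIPTION_CATEGORIES (assumed attribute name)
    subscriptions: FrozenSet[str] = field(default_factory=frozenset)


@dataclass(frozen=True)
class Post:
    title: str
    # Category(p): None or a free-text category; only the three paid ones matter
    category: Optional[str] = None
    # Local(p): true when the post describes a local fact
    local: bool = False


def can_read(u: User, p: Post, env: Optional[dict] = None) -> bool:
    """Newspaper policy, written in the R1/R2 style of the quoted example:

    can_read(u,p,e) <-
        Category(p) ∉ {Sports, Food, Music}      (uncategorised posts are free)
      ∨ Local(p) = true                          (local facts are free)
      ∨ Category(p) ∈ Subscriptions(u)           (paid category the user holds)
    """
    return (
        p.category not in SUBSCRIPTION_CATEGORIES
        or p.local
        or p.category in u.subscriptions
    )


def can_access_movie(age: int, rating: str, member_type: str, movie_type: str) -> bool:
    """R1 ∧ R2 from the quoted movie example (both rules must allow access).

    R1 is written with disjoint age bands (13 <= age < 21); the quoted form
    overlaps at age 21, but the result is identical because the >= 21 branch
    already permits every rating.
    """
    r1 = (
        (age >= 21 and rating in {"R", "PG13", "G"})
        or (13 <= age < 21 and rating in {"PG13", "G"})
        or (age < 13 and rating in {"G"})
    )
    r2 = member_type == "Premium" or (
        member_type == "Regular" and movie_type != "NewRelease"
    )
    return r1 and r2


def access_profiles() -> Dict[FrozenSet[str], FrozenSet[str]]:
    """Map every possible subscription set to the paid categories it can read.

    Evaluated against the ABAC rule itself, so it stays correct if the rule
    or the category list changes. Free posts are excluded on purpose: they
    are readable by everyone and do not distinguish one profile from another.
    """
    profiles = {}
    for k in range(len(SUBSCRIPTION_CATEGORIES) + 1):
        for subs in combinations(sorted(SUBSCRIPTION_CATEGORIES), k):
            u = User("probe", frozenset(subs))
            readable = frozenset(
                c for c in SUBSCRIPTION_CATEGORIES if can_read(u, Post("probe", c))
            )
            profiles[frozenset(subs)] = readable
    return profiles


if __name__ == "__main__":
    # Constructed sample data, not from the post.
    alice = User("alice", frozenset({"Sports"}))
    bob = User("bob")  # no subscriptions
    derby = Post("Local derby result", "Sports", local=True)
    recipe = Post("Summer salad", "Food")
    print(can_read(alice, derby), can_read(bob, derby), can_read(bob, recipe))
    for subs, readable in sorted(access_profiles().items(), key=lambda kv: sorted(kv[0])):
        print(sorted(subs), "->", sorted(readable))
```

Each distinct value in `access_profiles()` is a distinct permission set; whether that becomes one role per subscription (with users holding several roles) or one role per combination is exactly the modelling decision question (b) asks about, and the enumeration makes the trade-off concrete.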