In addition to the policy editor, APS 6 also introduces the notion of attribute namespaces that help to enable and enhance collaboration in policy writing as well as support multi-projects based policy writing.
The greatest challenge in an ABAC implementation is often non-technical in nature. The new web-based interface for APS 6.0 is designed to facilitate this transition by giving policy authors the power to represent policies graphically and policy administrators the means to verify and comment upon policies. On the front end, authors use natural language rules that are translated into standards-based XACML policies for implementation.
Enterprises in highly regulated industries, and subject to government regulations (such as export control) and compliance standards (such as HIPAA) are among those moving to ABAC. Federal agencies are making the shift as well, enabling infrastructures with ABAC capabilities as outlined in NIST Special Publication 800-162.
Legacy systems define access control through role-based access control, based on users being assigned to groups or roles to define authorization for applications and databases. This approach does not meet the needs of today’s complex security landscape – implementation of ABAC using the Axiomatics Policy Server effectively meets these rapidly changing and dynamic requirements.