+
  • Category: XACML

Stack Overflow: ABAC vs. RBAC via XACML Policies

ABAC
The Axiomatics technical teams across sales engineering, development and customer relations often engage with the Stack Overflow community to get insights and answers. They also...

How Can I Use Time in a XACML Policy?

Question of the Week
Attribute-based access control (ABAC) lets us define fine-grained authorization policies that typically take into account user attributes and resource attributes. Sometimes we may need time...

How can many complex permit rules for the same XACML policy be managed?

Tech
XACML, the eXtensible Access Control Markup Language, is an authorization language that implements Attribute Based Access Control (ABAC). As the name indicates, XACML uses attributes...

100% Pure XACML

XACML
X may mark the spot if you’re looking for treasure, but if you’re looking to protect something dear to you, such as your sensitive assets,...

Obligations and Advice in XACML part 2

Tech
In a previous blog post ​we discussed the use of XACML obligations and advice. I concluded the post with the cliff hanger: An interesting use...

Using JSON and REST profiles for external authorization

XACML
In this blog post we describe how the recent JSON and REST profiles of the XACML standard make it easier to use and to integrate...

You are not obliged to follow my advice: Obligations and Advice in XACML part 1

XACML
Imagine that you are designing a policy for your business, which happens to be a top-notch hospital, and bump into the following legal requirement: A...