Axiomatics Boot Camp: Testing XACML Policies Using JUnit, Eclipse, and the Abbreviated Language for Authorization (ALFA)

Experts Henrik Johansson of Knowit and David Brossard of Axiomatics provide a deep dive into testing XACML policies in this technical webinar.

We start with the authorization lifecycle and how it works and highlight the importance of testing access policies before implementing them in production. Next we provide an overview on using the Axiomatics PEP SDK for Java. To help illustrate the process, we demonstrate how to combine the PEP SDK with JUnit to provide a repeatable testing process.
Key takeaways:

  • Overview of the policy authorization lifecycle
  • Policy authoring with the Abbreviated Language for Authorization (ALFA)
  • Using the PEP SDK for Java with JUnit
  • Developing automated testing scripts

Other Resources

Webinars
The Convergence of Cloud, DevOps and Access Control
Security experts from industry-leading NTT DATA and Axiomatics are making a deep dive into migrating access control to the cloud. Follow the demonstration of how to set up a project for containerization using ALFA and Jenkins.
Webinars
ABAC as code – Applying Modern DevOps to Policy Authoring
A DevOps approach to externalized business policy engineering can ensure modern CI/CD processes help IT adoption of access control policy authoring.
Webinars
Taking an identity-centric approach to a modern security architecture
Federal agencies invest heavily in protecting data from external threat actors, but the insider threat problem requires a new approach to access control. While protecting data is paramount, that requirement must be balanced with the need to share certain information across a variety of use case scenarios within and across agencies/departments.