|
ALFA (XACML)
ALFA, or the Abbreviated Language For Authorization, is a domain-specific language used in the formulation of access-control policies. History Origin XACML, the eXtensible Access Control Markup Language, uses XML as its main encoding language. Writing XACML policies directly in XACML leads to bloated, human-unfriendly text, therefore a new, more lightweight, notation was necessary. Axiomatics researcher, Pablo Giambiagi, therefore designed ALFA, the Axiomatics Language for Authorization. ALFA maps directly into XACML. ALFA contains the same structural elements as XACML i.e. PolicySet, Policy, and Rule. Axiomatics donates ALFA to OASIS In March 2014, Axiomatics announced it was donating ALFA to the OASIS XACML Technical Committee in order to advance its standardization. ALFA was consequently renamed Abbreviated Language for Authorization and filed for standardization. Its current version can be accessehere Sample Use Cases * Medical use case: doctors can view the me ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Declarative Programming
In computer science, declarative programming is a programming paradigm—a style of building the structure and elements of computer programs—that expresses the logic of a computation without describing its control flow. Many languages that apply this style attempt to minimize or eliminate side effects by describing ''what'' the program must accomplish in terms of the problem domain, rather than describe ''how'' to accomplish it as a sequence of the programming language primitives (the ''how'' being left up to the language's implementation). This is in contrast with imperative programming, which implements algorithms in explicit steps. Declarative programming often considers programs as theories of a formal logic, and computations as deductions in that logic space. Declarative programming may greatly simplify writing parallel programs. Common declarative languages include those of database query languages (e.g., SQL, XQuery), regular expressions, logic programming, f ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
XACML
XACML stands for "eXtensible Access Control Markup Language". The standard defines a declarative fine-grained, attribute-based access control policy language, an architecture, and a processing model describing how to evaluate access requests according to the rules defined in policies. As a published standard specification, one of the goals of XACML is to promote common terminology and interoperability between access control implementations by multiple vendors. XACML is primarily an attribute-based access control system (ABAC), also known as a policy-based access control (PBAC) system, where attributes (bits of data) associated with a user or action or resource are inputs into the decision of whether a given user may access a given resource in a particular way. Role-based access control (RBAC) can also be implemented in XACML as a specialization of ABAC. The XACML model supports and encourages the separation of enforcement (PEP) from decision making (PDP) from management / de ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Domain-specific Language
A domain-specific language (DSL) is a computer language specialized to a particular application domain. This is in contrast to a general-purpose language (GPL), which is broadly applicable across domains. There are a wide variety of DSLs, ranging from widely used languages for common domains, such as HTML for web pages, down to languages used by only one or a few pieces of software, such as MUSH soft code. DSLs can be further subdivided by the kind of language, and include domain-specific ''markup'' languages, domain-specific ''modeling'' languages (more generally, specification languages), and domain-specific ''programming'' languages. Special-purpose computer languages have always existed in the computer age, but the term "domain-specific language" has become more popular due to the rise of domain-specific modeling. Simpler DSLs, particularly ones used by a single application, are sometimes informally called mini-languages. The line between general-purpose languages and do ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Structure
A structure is an arrangement and organization of interrelated elements in a material object or system, or the object or system so organized. Material structures include man-made objects such as buildings and machines and natural objects such as biological organisms, minerals and chemicals. Abstract structures include data structures in computer science and musical form. Types of structure include a hierarchy (a cascade of one-to-many relationships), a network featuring many-to-many links, or a lattice featuring connections between components that are neighbors in space. Load-bearing Buildings, aircraft, skeletons, anthills, beaver dams, bridges and salt domes are all examples of load-bearing structures. The results of construction are divided into buildings and non-building structures, and make up the infrastructure of a human society. Built structures are broadly divided by their varying design approaches and standards, into categories including building st ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Organization For The Advancement Of Structured Information Standards
The Organization for the Advancement of Structured Information Standards (OASIS; ) is a nonprofit consortium that works on the development, convergence, and adoption of open standards for cybersecurity, blockchain, Internet of things (IoT), emergency management, cloud computing, legal data exchange, energy, content technologies, and other areas. History OASIS was founded under the name "SGML Open" in 1993. It began as a trade association of Standard Generalized Markup Language (SGML) tool vendors to cooperatively promote the adoption of SGML through mainly educational activities, though some amount of technical activity was also pursued including an update of the CALS Table Model specification and specifications for fragment interchange and entity management. In 1998, with the movement of the industry to XML, SGML Open changed its emphasis from SGML to XML, and changed its name to OASIS Open to be inclusive of XML and reflect an expanded scope of technical work and st ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Attribute Based Access Control
Attribute-based access control (ABAC), also known as policy-based access control for IAM, defines an access control paradigm whereby a subject's authorization to perform a set of operations is determined by evaluating attributes associated with the subject, object, requested operations, and, in some cases, environment attributes. ABAC policy rules are generated as Boolean functions of the subject's attributes, the object's attributes, and the environment attributes. Unlike role-based access control (RBAC), which defines roles that carry a specific set of privileges associated with them and to which subjects are assigned, ABAC can express complex rule sets that can evaluate many different attributes. Through defining consistent subject and object attributes into security policies, ABAC eliminates the need for explicit authorizations to individuals’ subjects needed in a non-ABAC access method, reducing the complexity of managing access lists and groups. Attribute values can be se ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
