Attribute-based access control (ABAC), also known as policy-based access control, defines an access control paradigm whereby access rights are granted to users through the use of policies which reason over data in attributes. The policies can use any type of attributes (user attributes, resource attributes, object, environment attributes etc.). Read more here - https://en.wikipedia.org/wiki/Attribute-based_access_control ABAC Policy Language is used by ABAC to author policies. A policy consists of rules, which have "when" conditions and "then" actions. Policies are executed in a bounded time, goaled to reach a decision as quickly as possible in deterministic, fast and reliable way. Further light-weight execution consumes minimal resources.
Multiple rules giving conflicting decisions, there should be a way to find the right outcome. Deny takes precedence? Salience takes precedence? Or a configuration.
5 modes,
fastest one rule execution
fastest one decision
fire all rules and decide on decision
Any deny or just 1 permit (with 0 deny)
Salience based decision making
Client's get to choose mode and then write policies according to that.
Expected Behavior
Please describe the behavior you are expecting
Current Behavior
What is the current behavior?
Failure Information (for bugs)
Please help provide information about the failure if this is a bug. If it is not a bug, please remove the rest of this template.
Steps to Reproduce
Please provide detailed steps for reproducing the issue.
step 1
step 2
you get it...
Failure Logs
Please include any relevant log snippets or files here.
Issue Template
Context
Multiple rules giving conflicting decisions, there should be a way to find the right outcome. Deny takes precedence? Salience takes precedence? Or a configuration.
5 modes,
fastest one rule execution fastest one decision fire all rules and decide on decision Any deny or just 1 permit (with 0 deny) Salience based decision making Client's get to choose mode and then write policies according to that.
Expected Behavior
Please describe the behavior you are expecting
Current Behavior
What is the current behavior?
Failure Information (for bugs)
Please help provide information about the failure if this is a bug. If it is not a bug, please remove the rest of this template.
Steps to Reproduce
Please provide detailed steps for reproducing the issue.
Failure Logs
Please include any relevant log snippets or files here.