Axiomatics | Policy Administration Points

The XACML policy language is almost as expressive as a natural language. However, computers are rigid and therefore the XACML grammar must be strictly adhered to. You need an editor with a complete language support. The APS Policy Administration Point (PAP) is the most advanced XACML policy authoring and debugging tool available on the market.

The Axiomatics PAP editor is a graphical user interface (GUI) for policy authoring. It comes with a rich set of features to help administrators produce XACML 3.0 conformant policies. As of Axiomatics Policy Server 5.0, Axiomatics also delivers text-based editors for policy authoring utilizing the Axiomatics Language for Authorization (ALFA). For mor details, see the ALFA Plugin for Eclipse.

Policy Administration Point

These are some of the main characteristics of the Axiomatics PAP interface:

Complete support for all XACML 3.0 specific functions and data types. The graphical user interface helps administrators manage all language specific features such as combining algorithms, obligations and advice, simple value-comparing conditions or advanced XPath expressions, etc.
A tree-view provides an overview of policy sets and the policies and rules that they contain.
Through drag-and-drop, items can be moved in the tree-view.
Policies can be loaded for request simulations.
Evaluation of simulated requests can be examined in a step-wise debugging tool.

The screen shot below shows a policy set loaded for simulation and debugging in the Axiomatics standard PAP GUI:

Axiomatics PAP GUI

The Axiomatics standard GUI consumes the Axiomatics PAP server API to provide these features in a graphical user interface. This GUI is an advanced general-purpose XACML authoring tool. However, other policy editors can use the PAP API as well. Customers may connect editors to APS which they build themselves or use special-purpose editors provided by Axiomatics Professional Services.

Different GUI implementations can also be used in parallel:

Axiomatics PAP GUI API

Approach
- - Future-proof access control
    Extensible authorization
    Beyond roles and RBAC
    Risk intelligence
    Fine granular policy enforcement
    Enabling information sharing
  - Business values
    Governance
    Compliance
    Risk management integration
    Cost savings
    New opportunities
Technology
- - Products and Services
    Axiomatics products - overview
    Axiomatics Policy Server
    APS Developer Edition
    Axiomatics Policy Auditor
    Axiomatics Reverse Query
    CA SiteMinder Extension
  - Components
    Policy Administration Points
    Axiomatics Language for Authorization (ALFA)
    Policy Enforcement Points
    Policy Information Points
    Policy Decision Points
  - Foundations
    100% XACML
    Attribute Based Access Control
    Externalized authorization
    Fine-grained authorization
  - Resources
    White papers
    Data Sheets
    Case studies
    Product sheets
    Videos
    XACML for developers
    XACML for Windows Server 2012
Solutions
- - Industries
    Financial industries
    Health care
    Insurance
    Manufacturing
    Public sector
    OEM / Solution providers
  - Objectives
    Privacy protection
    Fraud prevention
    Information sharing
    Cloud scenarios
    SOA security
About
- - Company
    About Axiomatics
    Management
    Board
    Contacts
    Careers
  - Customers and Partners
    Customers
    Partners
    System integrators
    Technology partners
  - News and Events
    News
    Events
    Newsletters

Search

XACML policy life-cycle management
The Axiomatics eXtensible authorization solutions implement XACML 2.0 and XACML 3.0.

Fine-grained authorization
XACML policies use attributes of the subject, the action, the resource and the context in which access is requested to deliver fine-grained access controls.

APS Developer Edition
The Axiomatics Policer Server Developer Edition is a compact version of the APS that enables users to manage, simulate and enforce fine-grained policies written in XACML.

100% pure XACML
XACML is the standards language that enables enterprises to implement policy-based authorization. Products from Axiomatics implement XACML 2.0 and 3.0. This article describes the details of the OASIS standard.

XACML advanced training
Description of the Axiomatics Policy Server, the world's leading XACML implementation.

Analysis and further reading

To get more in-depth information on fine-grained, context aware access control, visit our resource centre. Once you have registered and logged on you can access all our whitepapers.

Become a registered user

Contact Axiomatics

Would you like to learn more about Axiomatics solutions? Would you like to see a demo? Do you want to speak to an Axiomatics representative about your authorization requirements?

Contact Axiomatics

Policy Administration Points

Search

Read more

Analysis and further reading

Contact Axiomatics

Approach

Technology

Solutions

About

Contact