SlideShare una empresa de Scribd logo

Fine grained xacml authorization with pip points

Umesha Gunasinghe
Umesha Gunasinghe

Fine-grained xacml authorization with pip points

EducaciónTecnologíaDiseño
1 de 9
Fine-Grained XACML Authorization with PIP points WSO2 Identity Server 4.5.0
Use Case • User ‘john’ trying to get READ access by using his user id. • Authorization should be given by validating the user id against user name, requesting use name information via PIP point. • PIP requesting information from a web service.
PIP JAX-RS Service PEP PDP Entitlement Service SoapUI PAP Use Case Diagram
XACML policy information • User – john • Action – READ • Resource – web service name
SoapUI Request information • User Id – 124 • Action – Read • Resource – web service name
Implementation Steps • Implement the JAX-RS Service and host it in Application Server – Refer Blogs • http://umeshagunasinghe.blogspot.com/2013/09/how-to- create-jax-rs-service-using-wso2.html • http://umeshagunasinghe.blogspot.com/2013/09/how-to- deploy-jax-rs-service-in-wso2.html • Writing the PIP – Refer Blog • http://umeshagunasinghe.blogspot.com/2013/10/how-to- write-pip-point-for-wso2-is.html
Implementation Steps • Registering the PIP in Identity Server – Refer Blog • http://umeshagunasinghe.blogspot.com/2013/10/how- to-register-pip-in-wso2-is.html • Writing the XACML Policy – Refer Blog • http://umeshagunasinghe.blogspot.com/2013/10/how- to-write-simple-xacml-policy-in.html
Implementation Steps • Enforcing the Policy – Refer Blogs • http://umeshagunasinghe.blogspot.com/2013/10/how- to-use-try-it-tool-in-wso2-is.html • http://umeshagunasinghe.blogspot.com/2013/10/how- to-expose-entitlement-service-in.html
Thank You!

Recomendados

Virtual intelligent student counselor for apiit
Virtual intelligent student counselor for apiitVirtual intelligent student counselor for apiit
Virtual intelligent student counselor for apiit
Umesha Gunasinghe
 
Jax WS JAX RS and Java Web Apps with WSO2 Platform
Jax WS JAX RS and Java Web Apps with WSO2 PlatformJax WS JAX RS and Java Web Apps with WSO2 Platform
Jax WS JAX RS and Java Web Apps with WSO2 Platform
WSO2
 
RahasNym: Preventing Linkability in the Digital Identity Eco System
RahasNym: Preventing Linkability in the Digital Identity Eco SystemRahasNym: Preventing Linkability in the Digital Identity Eco System
RahasNym: Preventing Linkability in the Digital Identity Eco System
HasiniG
 
Fine-grained authorization with XACML
Fine-grained authorization with XACMLFine-grained authorization with XACML
Fine-grained authorization with XACML
Prabath Siriwardena
 
OAuth 2.0 Integration Patterns with XACML
OAuth 2.0 Integration Patterns with XACMLOAuth 2.0 Integration Patterns with XACML
OAuth 2.0 Integration Patterns with XACML
Prabath Siriwardena
 
Economic Study of South Korea
Economic Study of South KoreaEconomic Study of South Korea
Economic Study of South Korea
Shaurya Vikram Singh
 
Privacy Preserving Biometrics-Based and User Centric Authentication Protocol
Privacy Preserving Biometrics-Based and User Centric Authentication ProtocolPrivacy Preserving Biometrics-Based and User Centric Authentication Protocol
Privacy Preserving Biometrics-Based and User Centric Authentication Protocol
HasiniG
 
DBMask: Fine-Grained Access Control on Encrypted Relational Databases
DBMask: Fine-Grained Access Control on Encrypted Relational DatabasesDBMask: Fine-Grained Access Control on Encrypted Relational Databases
DBMask: Fine-Grained Access Control on Encrypted Relational Databases
Mateus S. H. Cruz
 

Recomendados

Virtual intelligent student counselor for apiit
Virtual intelligent student counselor for apiitVirtual intelligent student counselor for apiit
Virtual intelligent student counselor for apiit
Umesha Gunasinghe
 
Jax WS JAX RS and Java Web Apps with WSO2 Platform
Jax WS JAX RS and Java Web Apps with WSO2 PlatformJax WS JAX RS and Java Web Apps with WSO2 Platform
Jax WS JAX RS and Java Web Apps with WSO2 Platform
WSO2
 
RahasNym: Preventing Linkability in the Digital Identity Eco System
RahasNym: Preventing Linkability in the Digital Identity Eco SystemRahasNym: Preventing Linkability in the Digital Identity Eco System
RahasNym: Preventing Linkability in the Digital Identity Eco System
HasiniG
 
Fine-grained authorization with XACML
Fine-grained authorization with XACMLFine-grained authorization with XACML
Fine-grained authorization with XACML
Prabath Siriwardena
 
OAuth 2.0 Integration Patterns with XACML
OAuth 2.0 Integration Patterns with XACMLOAuth 2.0 Integration Patterns with XACML
OAuth 2.0 Integration Patterns with XACML
Prabath Siriwardena
 
Economic Study of South Korea
Economic Study of South KoreaEconomic Study of South Korea
Economic Study of South Korea
Shaurya Vikram Singh
 
Privacy Preserving Biometrics-Based and User Centric Authentication Protocol
Privacy Preserving Biometrics-Based and User Centric Authentication ProtocolPrivacy Preserving Biometrics-Based and User Centric Authentication Protocol
Privacy Preserving Biometrics-Based and User Centric Authentication Protocol
HasiniG
 
DBMask: Fine-Grained Access Control on Encrypted Relational Databases
DBMask: Fine-Grained Access Control on Encrypted Relational DatabasesDBMask: Fine-Grained Access Control on Encrypted Relational Databases
DBMask: Fine-Grained Access Control on Encrypted Relational Databases
Mateus S. H. Cruz
 
MBA - Business Informatics - Vodafone: A Giant Global ERP Implementation
MBA - Business Informatics - Vodafone: A Giant Global ERP ImplementationMBA - Business Informatics - Vodafone: A Giant Global ERP Implementation
MBA - Business Informatics - Vodafone: A Giant Global ERP Implementation
Umesha Gunasinghe
 
MBA - Project Management - Mega Projects and the Impact on Society
MBA - Project Management - Mega Projects and the Impact on SocietyMBA - Project Management - Mega Projects and the Impact on Society
MBA - Project Management - Mega Projects and the Impact on Society
Umesha Gunasinghe
 
MBA - International Business - Regional Economic Integration
MBA - International Business - Regional Economic IntegrationMBA - International Business - Regional Economic Integration
MBA - International Business - Regional Economic Integration
Umesha Gunasinghe
 
MBA - Asian Business Strategy - Twitter acquires zipdial
MBA - Asian Business Strategy - Twitter acquires zipdial MBA - Asian Business Strategy - Twitter acquires zipdial
MBA - Asian Business Strategy - Twitter acquires zipdial
Umesha Gunasinghe
 
MBA - Managing People in Organizations
MBA - Managing People in OrganizationsMBA - Managing People in Organizations
MBA - Managing People in Organizations
Umesha Gunasinghe
 
MBA Research Thesis Proposal presentation - Analysis on the Factors affecting...
MBA Research Thesis Proposal presentation - Analysis on the Factors affecting...MBA Research Thesis Proposal presentation - Analysis on the Factors affecting...
MBA Research Thesis Proposal presentation - Analysis on the Factors affecting...
Umesha Gunasinghe
 
Analysis on the impact of information technology on international relations
Analysis on the impact of information technology on international relationsAnalysis on the impact of information technology on international relations
Analysis on the impact of information technology on international relations
Umesha Gunasinghe
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
ciinovamais
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
AreebaZafar22
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
Chris Hunter
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
Celine George
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
christianmathematics
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
Jayanti Pande
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
National Information Standards Organization (NISO)
 
Gardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch LetterGardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch Letter
MateoGardella
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
EduSkills OECD
 
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
KokoStevan
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
QucHHunhnh
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
Maestría en Comunicación Digital Interactiva - UNR
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
QucHHunhnh
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
heathfieldcps1
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
TechSoup
 

Más contenido relacionado

Más de Umesha Gunasinghe

Más de Umesha Gunasinghe (7)

MBA - Business Informatics - Vodafone: A Giant Global ERP Implementation
MBA - Business Informatics - Vodafone: A Giant Global ERP ImplementationMBA - Business Informatics - Vodafone: A Giant Global ERP Implementation
MBA - Business Informatics - Vodafone: A Giant Global ERP Implementation
 
MBA - Project Management - Mega Projects and the Impact on Society
MBA - Project Management - Mega Projects and the Impact on SocietyMBA - Project Management - Mega Projects and the Impact on Society
MBA - Project Management - Mega Projects and the Impact on Society
 
MBA - International Business - Regional Economic Integration
MBA - International Business - Regional Economic IntegrationMBA - International Business - Regional Economic Integration
MBA - International Business - Regional Economic Integration
 
MBA - Asian Business Strategy - Twitter acquires zipdial
MBA - Asian Business Strategy - Twitter acquires zipdial MBA - Asian Business Strategy - Twitter acquires zipdial
MBA - Asian Business Strategy - Twitter acquires zipdial
 
MBA - Managing People in Organizations
MBA - Managing People in OrganizationsMBA - Managing People in Organizations
MBA - Managing People in Organizations
 
MBA Research Thesis Proposal presentation - Analysis on the Factors affecting...
MBA Research Thesis Proposal presentation - Analysis on the Factors affecting...MBA Research Thesis Proposal presentation - Analysis on the Factors affecting...
MBA Research Thesis Proposal presentation - Analysis on the Factors affecting...
 
Analysis on the impact of information technology on international relations
Analysis on the impact of information technology on international relationsAnalysis on the impact of information technology on international relations
Analysis on the impact of information technology on international relations
 

Último

Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
ciinovamais
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
Chris Hunter
 
Gardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch LetterGardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch Letter
MateoGardella
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
QucHHunhnh
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
QucHHunhnh
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
heathfieldcps1
 

Último (20)

Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 
Gardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch LetterGardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch Letter
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptx
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docx
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 

Fine grained xacml authorization with pip points

  • 1. Fine-Grained XACML Authorization with PIP points WSO2 Identity Server 4.5.0
  • 2. Use Case • User ‘john’ trying to get READ access by using his user id. • Authorization should be given by validating the user id against user name, requesting use name information via PIP point. • PIP requesting information from a web service.
  • 4. XACML policy information • User – john • Action – READ • Resource – web service name
  • 5. SoapUI Request information • User Id – 124 • Action – Read • Resource – web service name
  • 6. Implementation Steps • Implement the JAX-RS Service and host it in Application Server – Refer Blogs • http://umeshagunasinghe.blogspot.com/2013/09/how-to- create-jax-rs-service-using-wso2.html • http://umeshagunasinghe.blogspot.com/2013/09/how-to- deploy-jax-rs-service-in-wso2.html • Writing the PIP – Refer Blog • http://umeshagunasinghe.blogspot.com/2013/10/how-to- write-pip-point-for-wso2-is.html
  • 7. Implementation Steps • Registering the PIP in Identity Server – Refer Blog • http://umeshagunasinghe.blogspot.com/2013/10/how- to-register-pip-in-wso2-is.html • Writing the XACML Policy – Refer Blog • http://umeshagunasinghe.blogspot.com/2013/10/how- to-write-simple-xacml-policy-in.html
  • 8. Implementation Steps • Enforcing the Policy – Refer Blogs • http://umeshagunasinghe.blogspot.com/2013/10/how- to-use-try-it-tool-in-wso2-is.html • http://umeshagunasinghe.blogspot.com/2013/10/how- to-expose-entitlement-service-in.html