IABACEngine

Description

The IABACEngine interface is used to calculate the specified attribute-based access control policy, which results in the determined subject access to object.

Comments

It is used to create the attribute-based access control that is not connected with general security policy.

To get result of subject access to object:

1. Use the ABACEngine class to further determine methods of the IABACEngine interface.

2. Set mandatory methods: SetEnvironment, SetParams, SetPolicy.

3. Set the operation, by which subject access to object is determined, using the Evaluate method.

After executing the operations the Evaluate method returns result of calculating subject access to object. For example, the USER user is allowed to read an object with the OBJ identifier.

Methods

	Method name	Brief description
	Evaluate	The Evaluate method returns result of subject access to object.
	SetCallback	The SetCallback method sets the function that determines attribute value if subject or object attribute is not determined.
	SetEnvironment	The SetEnvironment method sets the collection of environment attributes.
	SetOperations	The SetOperations method sets attribute value in the objective if the OPERATION environment attribute is used with the IN condition.
	SetParams	The SetParams method sets the collection of attributes of the subject and object, for which attribute-based access control is determined.
	SetPolicy	The SetPolicy method sets attribute-based access control policy.

See also:

ABAC Assembly Interfaces

Copy page URL

Back to top

To report a found bug, please, select the text with the bug and click Report a Bug or CTRL+ENTER.

Help system 10.4 of 09/07/2024, © FORESIGHT