The IABACEngine interface is used to calculate the specified attribute-based access control policy, which results in the determined subject access to object.
It is used to create the attribute-based access control that is not connected with general security policy.
To get result of subject access to object:
Use the ABACEngine class to further determine methods of the IABACEngine interface.
Set mandatory mathods: IABACEngine.SetEnvironment, IABACEngine.SetParams, IABACEngine.SetPolicy.
Set the operation, by which subject access to object is determined, using the IABACEngine.Evaluate method.
After executing the operations the IABACEngine.Evaluate method returns result of calculating subject access to object. For example, the USER user is allowed to read an object with the OBJ identifier.
Method name | Brief description | |
Evaluate | The Evaluate method returns result of subject access to object. | |
SetCallback | The SetCallback method sets the function that determines attribute value if subject or object attribute is not determined. | |
SetEnvironment | The SetEnvironment method sets the collection of environment attributes. | |
SetOperations | The SetOperations method sets attribute value in the objective if the OPERATION environment attribute is used with the IN condition. | |
SetParams | The SetParams method sets the collection of attributes of the subject and object, for which attribute-based access control is determined. | |
SetPolicy | The SetPolicy method sets attribute-based access control policy. |
See also: