Tag: PDP

Policy Decision Point

XACML PDP Performance Testing with Thrift

Last time using this blog post,  We discussed on load testing the XACML PDP using Jmeter.  We uses the HTTPS transport for calling the Web Service API that has been exposed by the PDP.  With Identity Server, we can also use Thrift protocal to communicate with PDP.  It is said that thrift is more faster […]

XACML engine architecture (PDP)

In this blog post. We are going to visit some architecture design of a XACML engine. When it comes to XACML and Open source world, WSO2 Identity server is one of a major player. Latest release of WSO2 Identity Server support XACML 3.0 based on Balana XACML implementation. As source code, distribution and documents are […]

XACML Sample for Health Care Application – Part 1

In this blog post I am going to create XACML sample (sample XACML policies , PIP and PEP) with some real world use case. Lets assume following use case in a Health care organization There is a health care organization called “Medi” “Medi”  keeps medical records of all the patients in a database repository. This repository  has […]

PDP Cluster with Load balancer

In my previous blog post, I explained deploying of PDP cluster using WSO2 Identity Server. Each PDP in the cluster exposes their own authorization service (Entitlement service). Therefore we need to setup a load balancer to forward the incoming authorization queries among each PDPs. Then load balancer would expose only a one interface for PEP […]

XACML reference architecture

The reference architecture proposes a standard for deployment of necessary software modules within an infrastructure. Policy Decision Point (PDP)evaluates policies against access requests provided by Policy Enforcement Points (PEP). To provide the decisions, PDP may also need to query a Policy Information Point (PIP) to gather descriptive attributes about the user or any other missing […]