Security Policy Tool Key Functions

Access Control Policy Functions
Access Control Policy Composition Access Control attribute composition:
  • Systematic access control attribute definitions of Resource, Action, Environment, Condition
  • Conveniently attribute update, display the summary, search, and rename an attribute
  • Automatically update in relevant policies
Access Control model and templates for:
  • ABAC (Attribute-based Access Control)
  • Multilevel Security (MLS) and Workflow
Subject/Object Inheritance User-friendly GUI to:
  • Define a subject/resource hierarchical access control structure with automatically exclude inheritance loop
  • Graphically display the subject/resource hierarchical structure
  • View/add/delete/update the hierarchical subjects and resources
  • Automatic policy composition for inherited beneficiaries
Access Control Policy Tests Rich, powerful, thoughtful, and interactive testing functions:
  • Compose and edit a set of policies in an intuitive way
  • Compose various security requirements to generate test cases
  • Merged policy verification
  • Combine policy verification
  • Combinational policy tests (2-way, 3-way, 4-way, etc.) for a very high access control testing coverage (e.g., >99% access control cases)
  • Separation of Duty for merged and combined policy verification
  • Rule combination algorithms are integrated on the policy tests
  • Policy enforcement algorithms are integrated on the policy tests
Access Control Policy Analysis, Error Inspection, and Correction Rich, powerful, thoughtful, and interactive policy analyzing functions:
  • Manage and analyze many policies easily
  • Identify the policy that cause permit/deny/not applicable
  • Well-organized the table-based testing results for thoughtful and comprehensive analysis
  • Fix/modify/test the policy and reanalyze the results
XACML Features XACML - Compatible Policy functions:
  • Automatically convert the composed and tested policies into XACML 3.0 policies
  • XACML 3.0 policy editor
  • XACML 2.0/3.0 policy & request input to the editor and access control security model
  • Automatically convert XACML 2.0 policy to 3.0
  • Integrating verification for XACML 3.0 policies