What authorization mechanisms does TrustedX support?


TrustedX incorporates an authorization system based on an RBAC (Role-Based Access Control) monitor. The monitor returns one of three authorization decisions, i) allowed, ii) denied or iii) non-determined, according to the role given to an application or user identity and the action requested on a certain resource.

The authorization system controls access to the trusted services offered by TrustedX (as a trusted services provider) but it can also be used for managing the authorization to other services outside TrustedX. In this sense, TrustedX offers the following features:

  • A standard interface for accessing authorization services: the Authorization Decision Query/Response of the SAMLP protocol or the Context Request/Response of XACML.
  • Operation as an authorization policy decision point (PDP), in which the authorization rules are assessed and TrustedX issues an authorization decision through the RBAC monitor.
  • Operation as an authorization policy enforcement point (PEP), in which TrustedX delegates the authorization decision to an external component accessed through SAMLP or XACML.
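The three-valued decision and the PDP/PEP split described above, as an added example that is not TrustedX code or its API. The function names, the sample rules, the deny-overrides combination and the choice to refuse access on "non-determined" or on an unreachable external PDP are all assumptions made for illustration.

```python
from enum import Enum
from fnmatch import fnmatchcase


class Decision(Enum):
    ALLOWED = "allowed"
    DENIED = "denied"
    NON_DETERMINED = "non-determined"


# Constructed sample policy: (role, action, resource pattern, effect).
RULES = [
    ("signer", "sign", "services/signature", Decision.ALLOWED),
    ("auditor", "read", "logs/*", Decision.ALLOWED),
    ("trainee", "read", "logs/private/*", Decision.DENIED),
]


def rbac_decide(roles, action, resource, rules=RULES):
    """PDP role: evaluate the rules for the caller's roles (assumed: deny overrides)."""
    effects = {
        effect
        for role, act, pattern, effect in rules
        if role in roles and act == action and fnmatchcase(resource, pattern)
    }
    if Decision.DENIED in effects:
        return Decision.DENIED
    if Decision.ALLOWED in effects:
        return Decision.ALLOWED
    return Decision.NON_DETERMINED  # no rule applies to this request


def enforce(pdp, roles, action, resource):
    """PEP role: ask a PDP and grant access only on an explicit 'allowed'."""
    try:
        decision = pdp(roles, action, resource)
    except Exception:
        # An unreachable or failing external PDP yields no usable decision.
        decision = Decision.NON_DETERMINED
    return decision is Decision.ALLOWED, decision


def unreachable_pdp(roles, action, resource):
    """Hypothetical stand-in for an external PDP whose endpoint cannot be reached."""
    raise ConnectionError("external PDP not reachable")
```

Logging the returned decision next to the grant flag lets a reviewer separate explicit denials from requests that no rule covered, which usually point to a gap in the policy.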