awesome-repositories.com
المدونة
awesome-repositories.com

اكتشف أفضل مستودعات المصادر المفتوحة باستخدام بحث مدعوم بالذكاء الاصطناعي.

استكشفعمليات بحث منسقةبدائل مفتوحة المصدربرمجيات ذاتية الاستضافةالمدونةخريطة الموقع
المشروعحولكيفية ترتيب النتائجالصحافةخادم MCP
قانونيالخصوصيةالشروط
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

32 مستودعات

Awesome GitHub RepositoriesAttribute-Based Access Control

Security frameworks that enforce permissions based on resource metadata and user attributes.

Distinguishing note: Focuses on metadata-driven policy enforcement rather than role-based access.

Explore 32 awesome GitHub repositories matching security & cryptography · Attribute-Based Access Control. Refine with filters or upvote what's useful.

Awesome Attribute-Based Access Control GitHub Repositories

اعثر على أفضل المستودعات باستخدام الذكاء الاصطناعي.سنبحث عن أفضل المستودعات المطابقة باستخدام الذكاء الاصطناعي.
  • langchain-ai/langgraphالصورة الرمزية لـ langchain-ai

    langchain-ai/langgraph

    34,925عرض على GitHub↗

    LangGraph is a framework for building stateful, multi-step agentic workflows by modeling application logic as a directed graph. It provides a runtime environment where complex tasks are orchestrated through interconnected nodes and edges, allowing developers to manage state transitions, persistent memory, and control flow across long-running automated processes. The platform distinguishes itself through its native support for human-in-the-loop automation, enabling developers to define breakpoints that pause execution for manual review, modification, or approval. It also features checkpoint-ba

    Enforces granular security policies by evaluating resource tags and user attributes.

    Pythonagentsaiai-agents
    عرض على GitHub↗34,925
  • langchain-ai/deepagentsالصورة الرمزية لـ langchain-ai

    langchain-ai/deepagents

    25,006عرض على GitHub↗

    Deepagents is an LLM agent orchestration platform and stateful application server designed for deploying and managing AI agents built with computational graphs. It provides a containerized runtime environment that handles agent execution, state persistence, and the versioning of AI assistants. The platform distinguishes itself through deep integration with the Model Context Protocol, allowing agents to function as servers that expose tools and capabilities to external clients. It features a sophisticated observability suite for capturing execution traces, performing LLM-based evaluations agai

    Enforces permissions based on resource metadata and tags to grant fine-grained access.

    Pythonagentsdeepagentslangchain
    عرض على GitHub↗25,006
  • prefecthq/fastmcpالصورة الرمزية لـ PrefectHQ

    PrefectHQ/fastmcp

    22,994عرض على GitHub↗

    FastMCP is a Python framework designed for building servers that expose functions, resources, and prompts to AI models using the Model Context Protocol. It simplifies the development process by automatically deriving tool metadata, input schemas, and documentation directly from Python function signatures and type hints. The framework provides a unified container for managing these components, allowing developers to build modular applications that integrate seamlessly with AI assistants. The project distinguishes itself through its support for interactive, server-defined user interface compone

    Applies attribute-based access control policies that inspect and validate specific tool arguments.

    Pythonagentsfastmcpllms
    عرض على GitHub↗22,994
  • cube-js/cubeالصورة الرمزية لـ cube-js

    cube-js/cube

    20,251عرض على GitHub↗

    Cube is a semantic data layer that provides a unified framework for defining business metrics, dimensions, and relationships across diverse data sources. By acting as a headless business intelligence engine, it transforms raw data into a governed model that can be queried via SQL, REST, and GraphQL interfaces. This architecture ensures consistent data definitions and logic across all downstream analytical applications and reporting tools. The platform distinguishes itself through its integrated conversational AI capabilities, which allow users to explore data using natural language. It orches

    Provides programmatic access to user attributes for dynamic security context and personalization.

    Rustagentic-analyticsagentsai
    عرض على GitHub↗20,251
  • casbin/casbinالصورة الرمزية لـ casbin

    casbin/casbin

    19,848عرض على GitHub↗

    Casbin is an authorization library that provides a model-based engine for enforcing access control across diverse application environments. It decouples authorization logic from application code by using a configuration-driven approach, allowing developers to define access rules and evaluation logic independently. The system supports a wide range of access control models, including role-based, attribute-based, and relationship-based patterns, which are evaluated at runtime to determine if a subject is permitted to perform an action on a resource. The project distinguishes itself through a hig

    Provides a flexible authorization engine that enforces role-based, attribute-based, and relationship-based access control models.

    Goabacaccess-controlacl
    عرض على GitHub↗19,848
  • memorilabs/memoriالصورة الرمزية لـ MemoriLabs

    MemoriLabs/Memori

    15,358عرض على GitHub↗

    Memori is an AI agent memory middleware platform designed to provide persistent, context-aware recall for language models. It functions as a non-intrusive layer that intercepts outbound model requests to automatically capture interaction history and execution traces, ensuring that agents maintain continuity across sessions without requiring modifications to existing application logic. The platform distinguishes itself through a dual-model storage architecture that maintains information as both structured relational primitives for precise fact retrieval and rolling narrative summaries for situ

    Links stored information to specific users and processes to ensure data isolation and accurate retrieval.

    Pythonagentaiaiagent
    عرض على GitHub↗15,358
  • oauth2-proxy/oauth2-proxyالصورة الرمزية لـ oauth2-proxy

    oauth2-proxy/oauth2-proxy

    14,576عرض على GitHub↗

    This project is a reverse proxy server that secures internal web services by enforcing authentication against external identity providers. It acts as a gatekeeper for incoming HTTP traffic, validating user identity before forwarding requests to protected backend applications. By integrating with OAuth2 and OIDC providers, the proxy ensures that only authorized users can access internal resources. The proxy distinguishes itself through its flexible session management and granular access control. It maintains authenticated user state across requests using either encrypted client-side cookies or

    Filters incoming traffic based on verified user attributes such as email address, domain membership, or group affiliation.

    Gocloud-infrastructurehacktoberfestoauth2-proxy
    عرض على GitHub↗14,576
  • othmanadi/planning-with-filesالصورة الرمزية لـ OthmanAdi

    OthmanAdi/planning-with-files

    14,139عرض على GitHub↗

    Planning with files is an enterprise knowledge graph platform designed to transform unstructured organizational data into a searchable, interconnected network. By utilizing a graph-based retrieval-augmented generation engine, the system grounds language model outputs in verified internal data, ensuring that responses are explainable, traceable, and free from hallucinations. The platform distinguishes itself through a focus on data sovereignty and secure, private infrastructure deployment. It enables organizations to maintain full control over sensitive information by processing data locally o

    Enforces granular security permissions at the data level using resource metadata and user attributes to ensure regulatory compliance.

    Pythonadalagentagent-skills
    عرض على GitHub↗14,139
  • formbricks/formbricksالصورة الرمزية لـ formbricks

    formbricks/formbricks

    12,391عرض على GitHub↗

    Formbricks is an open-source survey and feedback platform designed to help teams capture and analyze user insights through targeted, in-app, and website-based interactions. It functions as a comprehensive customer experience analytics system that allows organizations to maintain full control over their data, user attributes, and survey workflows. The platform distinguishes itself through its event-driven architecture, which enables precise behavioral targeting by triggering surveys based on specific user actions or application events. It supports deep integration with external ecosystems by a

    Enables the retrieval of user attribute definitions to facilitate structured data access and personalization.

    TypeScriptexperience-managementformforms
    عرض على GitHub↗12,391
  • apereo/casالصورة الرمزية لـ apereo

    apereo/cas

    11,347عرض على GitHub↗

    This project is an open-source identity provider and single sign-on platform that centralizes user authentication for multiple web applications and services. It functions as a multi-protocol authentication gateway, verifying user identities and issuing tokens through the CAS protocol as well as industry standards including SAML, OAuth2, and OpenID Connect. The system acts as a federated identity server, allowing authentication to be delegated to external third-party or corporate identity providers. It distinguishes itself through identity attribute governance, which manages which specific use

    Implements a rule-based engine to control the release of user profile data and permissions to connected applications.

    Javaauthenticationauthorizationaws
    عرض على GitHub↗11,347
  • mozilla-firefox/firefoxالصورة الرمزية لـ mozilla-firefox

    mozilla-firefox/firefox

    11,305عرض على GitHub↗

    Firefox is a cross-platform web browser engine designed to render web content, execute JavaScript, and manage secure browsing sessions. It utilizes a multi-process isolation architecture that distributes browser tasks across independent operating system processes to ensure stability and prevent site-specific failures from impacting the entire application. The engine incorporates a sandboxed execution environment to restrict web content and untrusted scripts to isolated memory compartments, enforcing security policies that prevent unauthorized access to system resources. The project distinguis

    Determines if one security context has authorization to access another by checking if the former subsumes the latter.

    JavaScript
    عرض على GitHub↗11,305
  • livecontainer/livecontainerالصورة الرمزية لـ LiveContainer

    LiveContainer/LiveContainer

    9,299عرض على GitHub↗

    LiveContainer is an iOS app container manager that runs applications in isolated sandboxes with separate data, keychain, and vendor identifiers, bypassing Apple's free developer account installation limits. It uses Just-In-Time compilation to launch unsigned apps without a developer certificate, and supports running multiple instances and versions of the same app simultaneously. The tool also injects custom dynamic libraries and framework tweaks at launch, applied globally or per application. Beyond basic containerization, LiveContainer provides advanced multitasking with resizable virtual or

    LiveContainer assigns unique keychain access groups per container, supporting up to 128 separate accounts per app.

    Swift
    عرض على GitHub↗9,299
  • teamhanko/hankoالصورة الرمزية لـ teamhanko

    teamhanko/hanko

    8,801عرض على GitHub↗

    Hanko is an open-source identity provider and customer identity and access management system. It serves as a passkey authentication service and an OAuth and SAML SSO gateway, allowing applications to authenticate users and issue tokens via standard identity protocols. The project distinguishes itself through a strong focus on passwordless access using WebAuthn-based passkeys and email-based passcodes. It provides framework-agnostic authentication interfaces as customizable web components that can be embedded directly into web applications to handle login, registration, and profile management.

    Enforces request permissions by evaluating user attributes, roles, and relationships via a centralized policy engine.

    Go2faauthenticationciam
    عرض على GitHub↗8,801
  • javalin/javalinالصورة الرمزية لـ javalin

    javalin/javalin

    8,290عرض على GitHub↗

    Javalin is a lightweight web framework for Java and Kotlin designed for building REST APIs and web applications. It functions as an embedded Jetty web server, allowing applications to run as standalone processes without the need for an external servlet container. The project provides specialized frameworks for diverse communication patterns, including a REST API framework with automatic OpenAPI schema generation, a GraphQL API framework with query and mutation resolvers, and a WebSocket server for bidirectional real-time communication. It also includes a dedicated framework for pushing real-t

    Supports application attribute stores for retrieving globally registered attributes within any handler context.

    Kotlinhacktoberfestjavajavalin
    عرض على GitHub↗8,290
  • kishikawakatsumi/keychainaccessالصورة الرمزية لـ kishikawakatsumi

    kishikawakatsumi/KeychainAccess

    8,247عرض على GitHub↗

    KeychainAccess is a Swift library used for storing and retrieving encrypted data within the Apple system keychain across iOS and macOS. It provides a type-safe interface for managing sensitive information and user credentials on iOS, macOS, tvOS, and watchOS. The library includes a biometric authentication interface that requires FaceID or TouchID verification with custom prompts before accessing specific secure items. It also enables the synchronization of credentials across Apple devices via a cloud keychain and provides a manager for sharing login credentials between native applications an

    Manages shared credentials between apps by specifying access groups within the keychain search dictionary.

    Swift
    عرض على GitHub↗8,247
  • spatie/laravel-activitylogالصورة الرمزية لـ spatie

    spatie/laravel-activitylog

    5,850عرض على GitHub↗

    This is a Laravel package that provides a database audit trail by automatically logging user actions and Eloquent model events. It records create, update, and delete operations on models into a dedicated database table, creating a searchable record of changes for tracking and review. The package distinguishes itself through extensive configuration and customization options. You can control which model attributes are logged, specify which events trigger logging, customize activity descriptions, and modify activity records before they are saved. It supports logging changes to pivot models, trac

    Provides the ability to exclude specified attributes from activity log entries.

    PHP
    عرض على GitHub↗5,850
  • cloudevents/specالصورة الرمزية لـ cloudevents

    cloudevents/spec

    5,801عرض على GitHub↗

    CloudEvents is an open specification for describing event data in a common format across cloud platforms and services. It defines a standard structure and set of metadata attributes for events, enabling interoperability across different systems so producers and consumers can exchange events without custom translation. The specification provides a protocol-agnostic serialization framework that maps CloudEvents attributes and payloads to multiple serialization formats including JSON, Avro, and Protobuf, and defines transport bindings for mapping events onto protocols like HTTP, AMQP, Kafka, MQTT

    Defines well-known optional extension attributes for CloudEvents to support sampling, partitioning, and sequence tracking.

    Pythonserverlessspecification
    عرض على GitHub↗5,801
  • permify/permifyالصورة الرمزية لـ Permify

    Permify/permify

    5,812عرض على GitHub↗

    Evaluates runtime attributes such as IP ranges and time periods during permission graph traversal.

    Goabacaccess-controlacl
    عرض على GitHub↗5,812
  • timber/timberالصورة الرمزية لـ timber

    timber/timber

    5,650عرض على GitHub↗

    Timber is a PHP library that integrates the Twig template engine into WordPress themes, providing an object-oriented framework for theme development. It wraps WordPress data — posts, terms, users, menus, and comments — in structured PHP classes, allowing developers to work with objects instead of raw arrays while keeping HTML markup separate from PHP logic through Twig templates. The library distinguishes itself by offering a complete set of tools for modern WordPress theme building. It includes a file-based template hierarchy with fallback chains, dynamic image manipulation with resizing, cr

    Returns HTML language attributes for the current site, useful for the tag.

    PHPhactoberfestphptimber
    عرض على GitHub↗5,650
  • rails-api/active_model_serializersالصورة الرمزية لـ rails-api

    rails-api/active_model_serializers

    5,342عرض على GitHub↗

    Active Model Serializers is a Ruby on Rails JSON serializer used to transform model objects and associations into structured JSON responses for APIs. It functions as a model-to-JSON mapper and response formatter that decouples internal database schemas from external API contracts. The project utilizes a pluggable adapter pattern to organize serialized data according to specific standards, such as the JSON API specification. It provides a mechanism to map internal attributes to custom JSON keys and implements a serialization scope that allows for attribute and association filtering based on au

    Controls which attributes and associations appear in the output based on the current authorization context.

    Rubyjsonresource-serializerruby
    عرض على GitHub↗5,342
السابق12التالي
  1. Home
  2. Security & Cryptography
  3. Attribute-Based Access Control

استكشف الوسوم الفرعية

  • AI Model RestrictionsPer-request access control for AI models based on identity, request paths, and payload content. **Distinct from Attribute-Based Access Control:** Specializes ABAC specifically for LLM and AI model interactions rather than general resource metadata.
  • Attribute Release PoliciesRules and filters that determine which specific user profile attributes are shared with registered applications. **Distinct from Attribute-Based Access Control:** Focuses on the selective release of identity data to clients, whereas ABAC focuses on using attributes to enforce access permissions.
  • Attribute Removals1 وسم فرعيOperations for programmatically deleting specific user attributes to manage access and personalization. **Distinct from Attribute-Based Access Control:** Distinct from Attribute-Based Access Control: focuses on the lifecycle management of attributes rather than policy enforcement.
  • Attribute Retrievals2 وسوم فرعيةInterfaces for fetching user attributes to support dynamic access control and personalization. **Distinct from Attribute-Based Access Control:** Distinct from Attribute-Based Access Control: focuses on the retrieval of attribute data rather than the enforcement of access policies.
  • Conditional Access Evaluators2 وسوم فرعيةFrameworks for evaluating dynamic logic alongside role assignments. **Distinct from Attribute-Based Access Control:** Focuses on conditional logic evaluation rather than general attribute-based access control.
  • Dynamic Attribute InjectionThe process of attaching real-time metadata from external sources to user profiles. **Distinct from Attribute-Based Access Control:** Focuses on the ingestion and attachment of attributes from external sources, not the evaluation of policies using those attributes.
  • Dynamic Attribute Policies1 وسم فرعيAuthorization rules that evaluate runtime attributes such as time, IP, or boolean flags during access decisions. **Distinct from Attribute-Based Access Control:** Distinct from Attribute-Based Access Control: focuses on evaluating dynamic runtime attributes rather than static metadata-driven policies.
  • Keychain Access Groups1 وسم فرعيGrouping credentials within the system keychain to allow sharing between multiple applications. **Distinct from Attribute-Based Access Control:** Specifically targets the Apple Keychain access group mechanism rather than general attribute-based policy engines.
  • Namespace Attribute Extensions1 وسم فرعيAdding dynamic metadata to namespaces to drive attribute-based access control. **Distinct from Attribute-Based Access Control:** Specializes attribute extension for network namespaces rather than general users or individual resources.