3 Repos
Utilities for processing multiple authorization checks in a single operation.
Distinct from Policy-Based Access Control: Distinct from Policy-Based Access Control: focuses on the efficiency of bulk request processing rather than the policy enforcement model.
Explore 3 awesome GitHub repositories matching security & cryptography · Batch Authorization Evaluators. Refine with filters or upvote what's useful.
Casbin is an authorization library that provides a model-based engine for enforcing access control across diverse application environments. It decouples authorization logic from application code by using a configuration-driven approach, allowing developers to define access rules and evaluation logic independently. The system supports a wide range of access control models, including role-based, attribute-based, and relationship-based patterns, which are evaluated at runtime to determine if a subject is permitted to perform an action on a resource. The project distinguishes itself through a hig
Processes a collection of authorization checks in a single operation to efficiently validate large sets of data.
OpenFGA is a fine-grained authorization server and policy decision point that implements relationship-based access control. It serves as a centralized authorization service for evaluating access requests and managing relationship tuples across distributed microservices and multi-tenant environments. The engine combines relationship graphs with attribute-based access control, using the Common Expression Language to evaluate dynamic runtime attributes and conditional access rules. It handles complex hierarchies and nested permissions by traversing chains of associations and parent-child links t
Evaluates multiple authorization requests in a single batch call with configurable short-circuiting to reduce latency.
Cerbos is an open-source authorization service that provides a centralized, language-agnostic engine for managing access control. It functions as a policy-as-code platform, allowing teams to define, test, and distribute authorization rules using declarative YAML or JSON configurations. By decoupling access logic from application code, it enables consistent permission enforcement across diverse service stacks. The project distinguishes itself through its ability to translate high-level authorization policies into native database query filters. This capability allows applications to enforce sec
Executes multiple authorization checks in a single call with configurable execution semantics to optimize performance.