6 repository-uri
Frameworks for evaluating dynamic logic alongside role assignments.
Distinct from Attribute-Based Access Control: Focuses on conditional logic evaluation rather than general attribute-based access control.
Explore 6 awesome GitHub repositories matching security & cryptography · Conditional Access Evaluators. Refine with filters or upvote what's useful.
Casbin is an authorization library that provides a model-based engine for enforcing access control across diverse application environments. It decouples authorization logic from application code by using a configuration-driven approach, allowing developers to define access rules and evaluation logic independently. The system supports a wide range of access control models, including role-based, attribute-based, and relationship-based patterns, which are evaluated at runtime to determine if a subject is permitted to perform an action on a resource. The project distinguishes itself through a hig
Evaluates dynamic logic alongside role assignments to restrict or permit actions based on runtime context or specific attributes.
Firefox is a cross-platform web browser engine designed to render web content, execute JavaScript, and manage secure browsing sessions. It utilizes a multi-process isolation architecture that distributes browser tasks across independent operating system processes to ensure stability and prevent site-specific failures from impacting the entire application. The engine incorporates a sandboxed execution environment to restrict web content and untrusted scripts to isolated memory compartments, enforcing security policies that prevent unauthorized access to system resources. The project distinguis
Determines if one security context has authorization to access another by checking if the former subsumes the latter.
Evaluates runtime attributes such as IP ranges and time periods during permission graph traversal.
LoopBack Next este un framework API Node.js utilizat pentru construirea de API-uri REST și multi-protocol. Funcționează ca o implementare de server OpenAPI care poate fie să genereze specificații lizibile de către mașină din cod, fie să producă controllere și modele de implementare din specificații existente. Framework-ul se remarcă printr-un container central de injecție a dependențelor și un strat de acces la date bazat pe modelul repository. Această arhitectură decuplează logica aplicației de construcția componentelor și stocarea persistentă, permițând un sistem pluggable unde sursele de date și logica de business sunt izolate printr-un sistem standardizat de conectori. Proiectul acoperă o gamă largă de capabilități, inclusiv controlul accesului bazat pe roluri cu strategii de autentificare pluggable și orchestrarea serviciilor externe REST și SOAP. De asemenea, oferă instrumente pentru comunicarea în timp real prin endpoint-uri WebSocket, validarea schemelor JSON și scaffolding-ul automatizat al proiectelor printr-o interfață de linie de comandă. Dezvoltarea este susținută de un set de instrumente CLI pentru bootstrapping-ul aplicațiilor, generarea componentelor API și gestionarea dependențelor proiectului.
Evaluates dynamic authorization votes and applies precedence rules to determine request access.
Cerbos is an open-source authorization service that provides a centralized, language-agnostic engine for managing access control. It functions as a policy-as-code platform, allowing teams to define, test, and distribute authorization rules using declarative YAML or JSON configurations. By decoupling access logic from application code, it enables consistent permission enforcement across diverse service stacks. The project distinguishes itself through its ability to translate high-level authorization policies into native database query filters. This capability allows applications to enforce sec
Uses expression language to define boolean logic for authorization decisions based on request attributes and context.
Atmosphere is a Java-based framework for building and coordinating AI agents. It provides a real-time transport layer for streaming data via WebSockets, SSE, gRPC, and WebTransport, alongside a multi-agent orchestration framework for managing agent fleets through sequential, parallel, and graph-based execution workflows. The project features a durable workflow engine that persists agent state as snapshots, allowing long-running tasks to survive system restarts and incorporate human-in-the-loop approvals. It also implements Model Context Protocol servers to expose tools, resources, and prompt
Evaluates data-dependent branches both statically and dynamically to ensure that all possible execution paths are safe.