The Symas Blog
3 Turn Productions applauds service from Symas
In 2013 the president of Three Turn Productions, Judy Tyrer, reached out to the Symas Corporation for database help as she was preparing to launch her virtual roleplaying game, called Ever, Jane. The support she received then, and now, has been unrivaled. Click to learn how Symas helped her company.
Towards an Attribute-Based Role-Based Access Control System
We’ve all heard the complaint, RBAC doesn’t work. It leads to Role Explosion, defined as an inordinate number of roles in a production environment. Nobody knows who must be assigned to what because there are hundreds if not thousands of them.
How I Built an Access Management System Using Apache Directory Fortress
Watching application teams struggle implementing access control systems brings me to a talk I gave at ApacheCon a couple of years ago.
Howard Chu Shares What to Expect with OpenLDAP 2.5
Howard Chu is the Chief Technology Officer at Symas, the Chief Architect of the OpenLDAP Project, and an overall amazingly entertaining fiddle player (Google it.) This spring Howard spoke at FLOSS UK about the upcoming release of OpenLDAP 2.5. Tom Yates compiled a nice article summarizing these highlights. Click to read.
Oracle Lays off Mission Control Team after Open Sourcing Product
Earlier this week, Slashdot carried a story about Oracle Open Sourcing a product line as an opportunity to let the developers go. This is a story-line we have been watching for years.
A message from our President regarding Red Hat and SuSE removing OpenLDAP from their Linux Distributions
A few weeks ago, one of our strategic partners—a large European government and defense contractor—requested a call to discuss a big concern: the OpenLDAP server was slated to be removed from upcoming releases of Red Hat’s Enterprise Linux distributions.
New Sheriff in Town
And it don’t need no stinking badges. Yeah, I’m mixing clichés, happens sometimes when coding long hours in a stretch.
Programming in Python using the py-fortress RBAC APIs
py-fortress implements standards-based RBAC in Python. There have been numerous postings lately here about it.
Testing the py-fortress RBAC0 System
The Command Line Interpreter (CLI) may be used to drive the RBAC System APIs, to test, verify and understand a particular RBAC policy.
Using the py-fortress Command Line Interpreter
The Command Line Interpreter (CLI) drives the admin and review APIs, allowing ad-hoc RBAC setup and interrogation. More info in the README.
Introducing a pythonic RBAC API
py-fortress is a Python API implementing Role-Based Access Control level 0 – Core. It’s still pretty new so there’s going to be some rough edges that will need to be smoothed out in the coming weeks.
New Release: Symas OpenLDAP 2.4.45-4
Symas is continuously striving to provide our customers with excellent products. This on-going pursuit leads us to offer the new Production release of Symas OpenLDAP, Gold 2.4.45-4. Current customers, please visit the Downloads page to download Symas OpenLDAP Gold...
Why I love LDAPCon
This post is loosely based on a lightning talk last week in Brussels. We had a few minutes to fill and I felt compelled to spill my guts, despite having nothing prepared.
Preventing Remote Code Execution Exploits in Java
We all know there’s not a foolproof way to secure computing systems. But there are steps that can mitigate the risk of exposure once the inevitable breach occurs.
New Release: Symas OpenLDAP 2.4.45-2
Symas is continuously striving to provide our customers with excellent products. This on-going pursuit leads us to offer the new Production release of Symas OpenLDAP, Gold 2.4.45-2. Current customers, please visit the Downloads page to download Symas OpenLDAP Gold...
New Release: Symas OpenLDAP 2.4.45-1 Available
Symas is continuously striving to provide our customers with excellent products. This on-going pursuit leads us to offer the new Production release of Symas OpenLDAP, Gold 2.4.45-1. Current customers, please visit https://downloads.symas.com to download Symas OpenLDAP...
ApacheCon 2017: Symas Teams with Evolveum on Identity Governance Talk at ApacheCon
How to Govern and Maintain Compliance Using Open Source Identity Management Components - Katarina Valalikova, Evolveum & Shawn McKinney, Symas Corporation As platform usages continue to expand, so too will the number of identities, which corresponds with a need to...
Musing on the Future of Computing
Symas has set the pace in the database world with LMDB. The efficiency gains from LMDB's Single Level Store approach make LMDB's performance unmatched by any other technology. LMDB's approach is also ideally positioned to leverage future developments in memory and...
Symas OpenLDAP 2.4.44-5 Available
Symas is continuously striving to provide our customers with excellent products. This on-going pursuit leads us to offer the newest Production release of Symas OpenLDAP. For the first time, Symas OpenLDAP 2.4.44-5 is available for Debian 8 and Ubuntu 16. This release...
No case studies on ABAC?
Don't get me wrong, everyone needs at least RBAC, but it has limitations and doesn't work well with instance data in the authorization expression. This perceived need leads me to look for case studies describing large-scale deployments of ABAC. For example I'd like to...
We Can Stop Looking For That Panacea Now
It seems every year there's a new protocol for handling security. I was first sucked down into this black hole in the '90's. Few standards back then. Now, so many years and protocols have passed... https auth, x.509 auth, CSIv2, spnego, liberty, saml, ws-*, xacml,...
Ahem, it’s called Role-Based Access Control
Of late, on a quest, to educate the info sec community, the definition of RBAC. Not the first time. A couple years back, this role-infused rant: Using Roles for Access Control is Not Role-Based Access Control And before that this: An Introduction to Role-Based...
Apache Fortress Role Engineering Tutorial
The goals of this tutorial are to Gain understanding of the Role Based Access Control (RBAC) standard Learn the repeatable steps of the Role Engineering Process Learn about using the Apache Fortress RBAC engine To get started, follow the instructions in the...
Apache Fortress End-to-End Security Tutorial
The tutorial provides a how-to guide for applying end-to-end security enforcement across a sample Java Web environment using Java EE, Spring and Apache Fortress security. Requirements covered include authentication, authorization and confidentiality. Both declarative...