Showing posts from July, 2011

OPA for HTTP Authorization

Open Policy Agent[1] is a promising, light weight and very generic policy engine to govern authorization is any type of domain. I found this comparion[2] very attractive in evaluating OPA for a project I am currently working on, where they demonstrate how OPA can cater same functionality defined in RBAC, RBAC with Seperation of Duty, ABAC and XACML.  
Here are the steps to a brief demonstration of OPA used for HTTP API authorization based on the sample [3], taking it another level up.
Running OPA Server First we need to download OPA from [4], based on the operating system we are running on.  For linux, curl -L -o opa Make it executable, chmod 755 ./opa Once done, we can start OPA policy engine as a server.
./opa run --server Define Data and Rules Next we need to load data and authorization rules to the server, so it can make decisions. OPA defines these in files in the format of .rego. Below is a sample …

MIT - AITI experience

How I got the chance to join I got the chance to join the MIT-AITI (which was Massachusetts Institute of Technology, African Internet Technology Initiative and now goes as Asian ) program while I was completing my internship period of 24 weeks. Thank to WSO2, where I was having my internship I could get a release to join the program for 6 weeks and I am writing this just after the 2 week of the AITI program. As I feel that I have used that time effectively, hope to keep a note on what I got. Today was a more challenging and interesting day and it will be worth to have a note on what I have done in the course so far. An overview on the course can be found in the given link.

Very first day At the very first day we were emphasized on the purpose of the course is not just to teach us mobile technologies, but also to make people use them as real applications. In brief we were at the beginning of becoming entrepreneurs initializing a company based on mobile applications. Honestly I felt whethe…