Showing posts from April, 2012

OPA for HTTP Authorization

Open Policy Agent[1] is a promising, light weight and very generic policy engine to govern authorization is any type of domain. I found this comparion[2] very attractive in evaluating OPA for a project I am currently working on, where they demonstrate how OPA can cater same functionality defined in RBAC, RBAC with Seperation of Duty, ABAC and XACML.  
Here are the steps to a brief demonstration of OPA used for HTTP API authorization based on the sample [3], taking it another level up.
Running OPA Server First we need to download OPA from [4], based on the operating system we are running on.  For linux, curl -L -o opa Make it executable, chmod 755 ./opa Once done, we can start OPA policy engine as a server.
./opa run --server Define Data and Rules Next we need to load data and authorization rules to the server, so it can make decisions. OPA defines these in files in the format of .rego. Below is a sample …

GSoC2012 with Apache Wookie

Today I got the news of the proposal I submitted to GSoC2012, is accepted. I consider it a great achievement and so excited to make the project a success. With the nature of the program it is no wonder anyone get excited about it. Firstly having the chance to work for a recognized company(In my case Apache) and the global reputation a gsocer can have is so motivational. Also getting started to work with a strange team, getting to know them, work remotely, add good experience to life and high professional value as I guess. It's amazing to work with the community. Also it is a great chance to broaden the horizons in technical skills while having guidance from an expert in the area, having hands on it.

Also I'm glad to share about my project, which is to implement 'W3C XML Digital Signatures for Widgets Specification in Apache Wookie. Computer Security has become the favorite field of me followed by Big data after my internship at WSO2 Lanka(pvt) Ltd, with experience I had …