HomeDownloadsUser GuideDevelopment

Home: Index

Welcome to OpenPermis

2009/08/10

Beta release available.

Release 0.9.0 of the of OpenPermis is available in the download section.

What is it?

OpenPermis is an implementation of a policy decision point (PDP) and its infrastructure as needed to realize a Role Based Access Control (RBAC) authorization mechanism / Privilege Management Infrastructure (PMI). It is based on the use of X.509 attribute certificates and can be deployed as an integral part of an application or as a dedicated service in a distributed environment (i.e. a service-oriented architecture).

Who is working on it?

PERMIS and OpenPERMIS and its concept were first developed at the University of Kent in the Information Systems Security Group. Due to concern on the reviewability of the code, the Swiss Department of Defense, Civil Protection and Sport (DDPS) is now re-implementing the framework as a base authorization element for the new Joint Architecture Project. Ergon Informatik AG has been selected as a partner for this implementation work.

What is the outlook and status?

The new implementation is an ongoing work. These are the major milestones on the road-map:

  1. Re-implement the decision engine (PDP) as a robust Java API and the policy editor.
  2. Extend OpenPermis to an enterprise-grade RBAC framework (e.g. support an enterprise-wide role hierarchy).
  3. Re-implement the decision engine (PDP) as a robust Java API and the policy editor.

We are currently in phase one. A detailed description of what has been implemented with regard to the pre-existing PERMIS code can be found here.

Who needs it?

Any organization needing to cope with a robust and heterogeneous IT-environment (i.e. discontinuous availability of parts of the system) and with distributed services with a throughout authorization and audit trail (e.g. no ?technical users? in-between). An example of such an organization having such requirements is the military.

Latest News

2009/08/11
[openpermis]
beta
Beta Release 0.9.0
  • Added role assignment tool.
  • Added configuration option to editor.
  • Introduced new subject handling and LDAP support.
  • Various bug fixes.
2009/05/20
[openpermis]
alpha
Alpha Release 0.4.0
  • Added XACML Request/Response Support.
  • Added SLF4J debug logging in core.
  • Fixed bug 208, file chooser filter.
  • Fixed bug 216, create only valid pdp's.
  • Fixed bug 225, editor doesn't show technical strings anymore.
  • For each simple, xacml, ldap and ejb Hello World three integration tests added to the 'integration' project, for a total of twelve integration tests.
2009/05/07
[openpermis]
alpha
Alpha Release 0.3.0
  • First OSOR.EU release.
  • Unified version, all modules use the same versioning information now.
  • Added LDAP example.
  • Obligation support in core.
  • Lots of bugfixes and minor changes to the policy editor.

The above table lists the first three news entries. For older news entries please refer to the News Archive.