CTSC and Wildbook (formerly called IBEIS) implemented an RBAC prototype using the open source wso2.com software, which implements the System for Cross-domain Identity Management (SCIM) and eXtensible Access Control Markup Language (XACML) standards. This prototype defined multiple roles and access policies:
- Media Asset Contributors
- Organization Members (Users)
- media assets, annotations, encounters, etc.
- Assign roles to users
- Share org A data with org B
- Access to APIs
The prototype demonstrated the ability to implement access policies using the XACML Subject-Resource-Action pattern. For example:
| Subject | Resource | Action |
|---|---|---|
| Organization Member | Media Asset | Create/Read |
| Organization Administrator | Organization Policy | Create/Read/Update/Delete |
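
The Subject-Resource-Action rows above, evaluated the way an XACML policy decision point would, as an added Python example (not the prototype's WSO2 policy or code). The request keys `roles`, `resource_type` and `action`, and the choice of XACML's deny-unless-permit combining algorithm, are assumptions made for illustration.

```python
from dataclasses import dataclass

PERMIT, DENY, NOT_APPLICABLE = "Permit", "Deny", "NotApplicable"


@dataclass(frozen=True)
class Rule:
    role: str             # subject attribute value the rule targets
    resource_type: str    # resource attribute value the rule targets
    actions: frozenset    # action ids the rule covers
    effect: str = PERMIT

    def evaluate(self, request: dict) -> str:
        """Return the rule's effect if its target matches, else NotApplicable."""
        matches = (
            # "roles" is a bag of values (assumed key name); any one may match.
            self.role in request.get("roles", ())
            and request.get("resource_type") == self.resource_type
            and request.get("action") in self.actions
        )
        return self.effect if matches else NOT_APPLICABLE


# The two rows of the page's Subject-Resource-Action table.
POLICY = (
    Rule("Organization Member", "Media Asset", frozenset({"Create", "Read"})),
    Rule("Organization Administrator", "Organization Policy",
         frozenset({"Create", "Read", "Update", "Delete"})),
)


def decide(request: dict, rules=POLICY) -> str:
    """Combine rule results as deny-unless-permit does:
    Permit if any rule permits, otherwise Deny (never NotApplicable)."""
    results = [rule.evaluate(request) for rule in rules]
    return PERMIT if PERMIT in results else DENY


if __name__ == "__main__":
    # Constructed sample requests, not data from the prototype.
    samples = [
        {"roles": ["Organization Member"], "resource_type": "Media Asset", "action": "Read"},
        {"roles": ["Organization Member"], "resource_type": "Media Asset", "action": "Delete"},
        {"roles": ["Organization Administrator"], "resource_type": "Media Asset", "action": "Create"},
    ]
    for req in samples:
        print(req, "->", decide(req))
```

The third sample is denied because the table grants administrators rights on Organization Policy only; a role inherits nothing unless a rule says so.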
Tanya Berger-Wolf (Wildbook) and Jim Basney (CTSC) presented the results of the collaboration at the July 2016 International Conference on Computational Sustainability (http://www.compsust.net/compsust-2016/).
The next step will be to schedule a follow-on engagement to take the lessons learned from the prototyping exercise to deploy XACML-based RBAC in the online Wildbook system.
To learn more about Wildbook/IBEIS, watch the livestream at 8:45am EDT on Thursday, October 13 (or the recording to be published after) of Professor Tanya Berger-Wolf presenting at The White House Frontiers Conference: http://frontiersconference.org/tracks/national
To apply for a one-on-one engagement with CTSC, visit: http://trustedci.org/application/