A C implementation of the SmartABAC access control model. See our paper here. An Elixir version is also available (there are more usage examples in that version).
Current status:
- helpers to instantiate attributes, requests, permissions, graph
- PDP: given a request and a set of policies, can make a decision
- attribute expansion using depth-first search
- load policies from json/cbor
Commands
make run
make test
Platforms
- Unix
- Mbed
- ESP32
Benchmarks
Laptop Intel quad-core i7 1.8 GHz, 8 GB RAM
- The time taken to authorize 1 request against 6 policies, 3000 times, was 0.811000 ms
- The time taken to authorize 1 request against 3000 policies was 0.221000 ms
Labrador, ARM quad-core 1.3 GHz, 2 GB RAM
- The time taken to authorize 1 request against 6 policies, 3000 times, was 5.733000 ms
- The time taken to authorize 1 request against 3000 policies was 0.964000 ms
ESP32, Xtensa dual-core, 240MHz, 520 KB RAM
- The time taken to authorize 1 request against 6 policies, 3000 times, was 53 ms
- The time taken to authorize 1 request against 3000 policies was 18 ms