Adding or modifying a security policy

(Getting Ready) Scenario description

This recipe describes how a developer or an integrator can create a new policy with the interface of the INTER-FW. An INTER-IoT policy is is used to describe general access control requirements, and has standard extension points for defining new functions, data types, combining logic, etc. As in all recipes related to the INTER-FW usage, the deployment has very simple requirements: a computer connected to the Internet and access to the Identity Server.

Recipe ingredients

Hardware: One computer, Internet access infrastructure

Software: An operative system. In the example we will use Ubuntu 18.04. INTER-FW deployed locally or in a remote server. Identity server deployed in reachable servers.

(How to Do it) Accessing the policies tab

Step 0. Login with an Administrator user.

Step 1. Click tab 'Policies' of the INTER-FW left menu bar.

Step 2. Press 'Add' button

Step 3. A text field form is displayed to enter the XACML fomatted policy.

The policy is introduced in raw text. In the section useful links we include bibliography to learn the XACML policy description language, which is out of the scope of this Cookbook.

(How it Works) Running and collecting results

Once a policy is created, this is available in the policies list shown in the Step 1. These policies are used to apply security rules to different assets in INTER-IoT.