an eXtensible Authorization Framework As a Service
An Extensible and Flexible Authorization Service
Publications related to SAFAX
Get the source and binaries
Manuals, Guides & Tutorials about SAFAX
Stay up to date with the latest developments
People behind SAFAX

What is SAFAX?

SAFAX offers authorization as a flexible and extensible service. SAFAX is a novel XACML-based architectural framework tailored to the development of extensible authorization services for distributed and collaborative systems. The key design principle underlying SAFAX is that all components are loosely coupled services, thus providing the flexibility, extensibility and scalability needed to manage authorizations in complex environments.

SAFAX Vision

Cloud storage services have become increasingly popular in recent years. Users are often registered to multiple cloud storage services that suit different needs. However, data sharing is often implemented in an ad-hoc manner.

SAFAX provides a single point for users to deploy and manage their policies irrespective of where the data is actually stored. This provides significant benefits in cloud scenarios and in collaborative environments, where consumers need to share their data to other individuals in a secure manner.

Moreover, SAFAX decouples UDFs from the PDP and implement them as external, but pluggable services. This pluggable architecture allows SAFAX to be extensible in order to serve access requests that require complex processing in a scalable manner as well as consuming information from external sources.

To keep being up to date with SAFAX news, subscribe to the SAFAX mailing list.

TU/e - Security Group