Comments on: Authorization Performance Myth Busting

By: ggebel

ggebel — Fri, 03 Dec 2010 16:41:02 +0000

Chi – you are right that querying whether a user has access to large numbers of assets is a bit challenging for XACML-based systems. However we have an interesting way of addressing this and you can contact me at gerry-at-axiomatics-dot-com to learn about it.

Gerry

By: Chi

Chi — Fri, 26 Nov 2010 05:56:00 +0000

One problem I need to solve is user searching/browsing in a repository. For example, if the repository has 100k+ assets (or even millions), and we employ a faceted search engine like Apache Solr, how can we get around this performance problem? Note that Solr faceted search requires looking through all the assets in the repository via its indexes? Even without Solr, if you just want to offer paged search results, you will still need to iterate through the assets. Is the answer simply: no it cannot be done?

By: Diagramming XACML Performance « Analyzing Identity

Diagramming XACML Performance « Analyzing Identity — Thu, 15 Jul 2010 02:56:00 +0000

[...] XACML Performance In a previous post discussing XACML performance myth-busting, I described several areas in an XACML authorization [...]

By: #XACML Architecture Implementations should be modular

#XACML Architecture Implementations should be modular — Wed, 30 Jun 2010 21:59:54 +0000

[...] The modularity and flexibility of the architecture will impact greatly performance as Gerry Gebel explains in one of his myth-busting posts on XACML. [...]