Skip to main content

The most recent patch for this version is 7.0.1.  Learn more  

Version: 7.0

The Policy Design Board

The Policy Design Board occupies the area to the right of the Workspace. When no Policy Package has been selected, the Policy Design Board appears as a large open space resembling a white board. It is here that policy sets, policies, and their associated rules and references can be created and assembled into policy trees of almost limitless size and complexity.

A menu bar stretches across the top of the Policy Design Board that includes the name of any selected Policy Package as well as icons for creating policy sets, policies, rules and references. Selected nodes can also be deleted from here.

Nodes

There are three main types of nodes: Policy Set nodes, Policy nodes and Rule nodes. A Policy Set, Policy and Rule node appear by default on the Policy Design Board when a new Policy Package is created and opened. The graphical representation of XACML elements as nodes makes it easy to create and structure Policy Trees. There is also a Reference node that can refer back to another policy or policy set node.

Policy Set node

The Policy Set node appears as a rectangular box on the Policy Design Board. It contains a space for a description of the Policy Set and a drop-down menu marked with an abbreviation of the combining algorithm currently set for the node. Click on the drop-down menu to select a different combining algorithm.

Clicking on the node itself opens an edit panel where the user can enter a policy set description, set a Target, create an Obligation or Advice, and select the combining algorithm. Arrows in the upper right of the window can be used to expand and minimize the window size.

The combining algorithm section of the window has the same functionality as the drop-down box on the node itself.

Below the Target Editor and the Combining algorithm drop-down menu is the Obligations and Advice Editor. Use this in conjunction with the Obligations and Advice Dictionary to create Obligations and Advice.

Policy node

The Policy node functions exactly like the Policy Set node. It also contains a policy description space and a drop-down menu for the combining algorithm. Selecting the node opens an edit panel just like that described for the Policy Set node, where a policy description can be written, Targets, Obligations and Advice added, and a combining algorithm set.

Rule node

The Rule node has a space for a rule description and an icon in the lower right corner that indicates whether the rule is set for permit or deny. The default setting is Deny. Selecting the node opens an edit panel that allows the user to provide the rule description, set deny or permit, and add Targets, Conditions, Obligations and Advice.

There is also a Condition Editor available that can be used to write more complex expressions. See Condition Editor for more information.

Reference node

Use the Reference node to select either a policy set or policy as a destination node to which a policy set or policy may refer.

Status bar icons

To the left of the status bar at the bottom of the window, you have a set of extra controls to help navigate on the Design Board.

From left to right these icons are used to:

  • Left align the nodes on your Design Board

  • Enable drag mode in which you can move the entire Design Board in any direction you want.

  • Select nodes that you want to work with

  • Zoom out or zoom in

  • Open or close the Bird's-eye-view pane

Bird's-eye-view pane

The entire scope of a large policy tree will generally not be entirely visible on the Policy Design Board. To give an overview of the entire layout of the policy tree currently open, a Bird's-eye-view pane has been provided in the lower right corner of the Design Board.