Usage scenarios

Anubis is designed with the following scenarios in mind:

  1. Support portability of data access control policies across different platforms. Suppose User A stores Data 1 in your Platform X, and then User A copy the Data 1 to Platform Y, given that policies defined by User A in Platform X are attached to Data 1 and expressed via a standard vocabulary, Platform Y can rely on policies attached to Data 1 to provide access, without User A having to re-develop the policies in Platform Y.

  2. (To be supported). Support automatic synchronization of access control policies in a distributed environment. Suppose two different platforms A and B adopts Anubis, when Data 1 is transferred from Platform A to Platform B, policies for Data 1 are also synchronized in Platform B. When User A, change policies linked to Data 1 in Platform B, updated policies are synchronized in Platform A. A single domain variant of this scenario is also possible, when for example, within the same platform, data is accessible at different locations (and local access control is applied).

  3. Decouple data access control from API format. Often, a complex platform is made of multiple APIs, and in several cases, the same data, for different purposes, may be accessible across different APIs. Usually policies mimic the API format, and this implies that for the same data, different policies may be required for each API where they are accessible, by decoupling API format and access control policies, it is possible to avoid that. Suppose that Data 1 is stored in API A and in API B, Anubis allow you to define a single set of policies to access Data 1 across both APIs.