HERAS-AF

HERAS^AF XACML engine

Developer(s)	HERASAF
Stable release	1.0.0-M2 / September 3, 2010; 17 months ago (2010-09-03)
Written in	Java
Operating system	Cross-platform
Platform	Java Virtual Machine
Type	Application framework
License	Apache License 2.0
Website	http://www.herasaf.org

Contents 1 The HERASAF Project 1.1 The HERASAF CREDO 2 References 3 External links

The HERAS^AF Project

HERAS^AF is a well established open-source project hosted and supported by the University of Applied Sciences Rapperswil in Switzerland. The project maintains three main targets:

• provide, sustain and extend the de facto reference XACML^[1] 2.0 implementation named HERAS^AF XACML.
• publish best practices, trends, know how and experience about modern enterprise software engineering.
• research in the wide area of application security with special focus on a holistic approach to meet enterprise requirements.

All development and solutions in any area of these three targets are and will be built upon freely available, established and future driven technologies and standards. HERAS^AF's main focus relies on interoperability, expandability and exchangeability of high quality software artifacts.

HERASAF was founded in 2005 and is an official open source project since 2006. It is very well established since 2008.

By today the HERAS^AF XACML Core has become a comprehensive XACML engine representing the de-facto reference implementation of XACML 2.0. HERAS^AF recommends every software architect or developer to use the HERAS^AF XACML Core instead of Sun's XACML Implementation.

All work delivered by HERAS^AF will always follow the same Credo that defines also the HERAS^AF project name.

The HERAS^AF CREDO

Holistic approach

HERAS^AF follows a holistic philosophy in all aspects of software engineering.

Enterprise Suitability and Readiness

HERAS^AF software components shall be adoptable as a non-intrusive framework, meaning that only minor changes have to be undertaken to integrate HERAS^AF software in an existing environment. HERAS^AF software is designed explicitly for adaptability and extensibility. The HERAS^AF API can be used to integrate corporate-specific components. These components simply need to use the extension points provided by HERAS^AF. HERAS^AF uses established and validated standards. This way it is based on solid ground and open for extension in the future. Extensibility enhances interoperability and helps integrating HERAS^AF in existing or future infrastructures.

Application Security

HERAS^AF is focussing on application security. This could be development of frameworks for security implementation, development of components for security administration or research on holistic end-to-end security integration.

Architecture Framework

HERAS^AF delivers software components establishing a framework for building highly customizable and extensible architectures.

References

External links

• HERAS^AF website
• OASIS XACML committee website