MotOrBAC is a tool to help you design and implement a security policy using the OrBAC (Organisation Based Access Control) model. It is developped using the OrBAC API, an implementation of the OrBAC model.
An OrBAC policy is specified by creating abstract rules which apply on roles, activities and views. They are associated with a context
MotOrBAC can detect conflicts between abstract rules and helps the policy managers solve them
The concept of context makes OrBAC security rules dynamic. They can be specified using several languages
Abstract entities incllude roles, activities, views and organizations. They can be easily manipulated in the GUI
Entity definitions can be used to specifiy constraints over a policy and can also be used to automatically assign concrete entities to abstract entities
When creating a new policy, the policy implementation can be chosen. This also means that new policy implementations can be added in the API by contributors