Improved access control
State of the art access control for decentralized HTTP services. Fine-grained trust management with business workflow integration. Easy integration with legacy systems.
In a nutshell
ExcID integrates OpenFGA, an open source implementation of Zanzibar, which is Google's authorization system protecting YouTube, Drive, and other Google services. ExcID's solution allows administrators to determine the access rights of their users and issue authorizations in the form of Verifiable Credentials. Users can store their authorizations in their wallet of choice, including ExcID's own web-based wallet. Users can then use their wallet to gain access to protected resources in a secure and privacy-preserving way. ExcID's solution is based on ongoing work by W3C, IETF, and OpenID foundation.
Integrate business relationships
Model business relationships directly in your authorization model and implement in a seamless and straightforward way workflows such as delegation and group authorization.
Transitive access rights
Organize access control objects using relationships,
Smart Lamp1 is located in Smart Home1 and parameterize
your authorization model based on these relationships, e.g.,
A user that can
access Smart Home1, can access anything located in it
Improved management and interoperability
You can revoke any authorization instantly. Our policy decision point can check revocation status with every request. Similarly, you can implement zero-trust systems by enabling continuous authorization. Our solution allows businesses to federate and share protected resources in a controlled and secure way.