Eclipse Keti

Primary tabs

Keti is a service that was designed to protect RESTfuls API using Attribute Based Access Control (ABAC).

The solution itself is implemented as a cloud-native RESTful API that adheres to the guiding principles of the twelve factor app. Key characteristics of the service include:

  • Central management of policies and privileges
  • The ability to manage hierarchical privileges (e.g. sub-groups) and scoped privileges (e.g. assigning elevated privileges based on the resource accessed)
  • A policy format tailored for developers who build RESTful APIs
  • An access control decision engine

Spring Boot is the primary framework that Keti is built on. Additionally Keti uses the following open source libraries:

An operator deploys Keti in the same datacenter where the web services it protects are deployed. Either a common gateway, or the web service itself, sends requests for authorized access to Keti and enforces the decision received in the response. When deployed, Keti typically has the following service dependencies.

Below is a basic diagram of how Keti fits in the interaction between web application and web service.