Description: Constable Authorization Engine (CAZE) is a .NET Framework class library for managing and using application-defined authorization policies easily and efficiently.
The CAZE authorization policy is stored as a XML document and it represents a set of authorization rules associated with an application or an object. The authorization policy consists of roles, states, actions, properties and authorization rules. The authorization policy is manipulated and queried by calling the CAZE API from within an application.
CAZE leverages the .NET's role-based authorization model and employs table-driven, finite-state machine techniques, making the application's authorization-related logic centralized, explicit and unambiguous. This improves application's security, reduces code complexity and enables introduction of automated testing techniques.
CAZE is implemented in verifiable C# code and it has been designed for use in the application's business tier. CAZE doesn't mandate any particular design or implementation approach.