Resource attributes
Terminology
Resource attributes can be used to define resource objects within Bravura Security Fabric ; for example, you can configure a ”Location” attribute to be a mandatory value for target systems, to help users quickly find resources that are in the same location. Other examples include owner, risk level, department, division, and so on.
Resource entitlement attributes are resource attributes that define the relationship between two resources. An entitlement attribute is used to set entitlements on members of a resource.
Group entitlement attributes define the relationship between a user and their group membership; for example, the membership expiry date is a group entitlement attribute for the relationship between a user and their group membership.
Role entitlement attributes define the relationship between a user and their role assignment; for example, an expiry date for a student’s registration in a math course at university is a role entitlement attribute for the relationship between the student and their role as a math student.
Access control
Resource attributes and entitlement attributes are accessible via the Bravura Security Fabric UI, and can be displayed and can be modified, subject to access control policies. You apply and control access to resource attributes by adding them to resource attribute groups , which you then configure to define:
Target systems
Template accounts
Roles
Managed groups
Segregation of duties rules
Resource attributes and entitlement attributes differ from built-in resource parameters, such as resource ID, in that they are not required by Bravura Security Fabric , and they are stored in a separate database table.