The ATLAS experiment is operated daily by many users and experts working concurrently on several aspects of the detector.
Access Management via a rich web-based interface.
This paper presents the requirements, design and implementation of the "Policy Browser". The tool is able to aggregate and correlate all the information provided by the RBAC system and offers a visual representation of the interrelations occurring among roles, users, hosts and rules. Additionally, the "Policy Browser" implements a powerful and flexible query mechanism facilitating the browsing of all the authorizations granted by the system. As an example of the available visual representations, the "Policy Browser" is capable of dynamically generating
graphs to quickly display the role giving a user some defined privileges. A graph explorer is also provided in order to browse the role's inheritance hierarchy.