Right now, we're identifying needs and use cases. We agreed that our next task would be to invent some way for an application to ask questions like "does UserX have OperationY access to ResourceZ?" Yes, it may be a little odd to invent the way to ask the question before deciding who is authoritative for the policy.
>>> Prateek Mishra <prateek.mishra@xxxxxxxxxx> 03/26/08 10:17 AM >>> Who is publishing the policy - "UserX has OperationY access to ResourceZ"? Is it the owner or custodian of the resource? Or is it someone else?
And how is the UserX "known" to the policy publishing entity? Might this take the form of "Authority Y states this is Joe". If Authority Y is a well-behaved auth engine, shouldnt it guarantee that names arent re-used?
I guess identifying the different players here would help me understand the problem better
- prateek > > Duane made this observation: > > > * If AuthZ allows us to express something like "UserX has OperationY > access to ResourceZ", then we must disallow renames of entities. > > ** Otherwise, if the "UserX" or "ResourceZ" entities are renamed, we > have a problem where the AuthZ is disconnected. > > *** Worse, if UserX is removed, and another one added, they will be > unwittingly granted access. > > > This is especially true if we allow the AuthZ to be managed by a > layered CP, because the underlying Context might be directly accessed > to perform a rename, leaving the upper "authZ CP" unaware of the fact > that it has a disconnected authZ statement. > > ------------------------------------------------------------------------ > > _______________________________________________ > higgins-dev mailing list > higgins-dev@xxxxxxxxxxx > https://dev.eclipse.org/mailman/listinfo/higgins-dev >
_______________________________________________ higgins-dev mailing list higgins-dev@xxxxxxxxxxx https://dev.eclipse.org/mailman/listinfo/higgins-dev
|