OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [xacml-dev] [basic question] PEP recognizing authorized user.

>that said, one guess that one could ask the question, 'can 
>subject access resource for 5 minutes?'


Yep.  And as we went though this rat hole in New Orleans we concluded
that the proper way to do that would be to add an attribute to the
requesting context: "requested-duration", or something to that effect,
of the duration type and base your policy off that.

PDP can generally make a decision for a particular state of context, (or
for a countable set of such states) - not for a continuum of time or
other values.

D;

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]