[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [Rep]: RE: Bibliography
Thanks for pointing out the AAA grammar again Suresh. And sorry it dropped though the cracks Krishna. Mishiharu could you add it to the list of related stuff on the website? Also, RFC 3060 is in the queue of things to add to the site. We are just working out some mechanics regarding the update process with OASIS. Anyone interested in starting a discussion about the AAA grammar doc before or during use case development. It seems to me there are some theoretical things we can hash through prior to completing use cases. I, for one, find the proposed grammar quite problematic. It has a highly procedural, rather than declarative nature. This will make it extremely difficult to check policies for inconsistency and/or completeness. (Yes, yes, I know checking for inconsistency and/or completeness is likely an NP problem in an arbitrarily large set of policies over an arbitrarily large set of resources, but I think we should come up with something that gives us a reasonable shot at checking things.) This is not to say we couldn't write a compiler that would produce procedural code like that proposed, but let's not define the policies that way at a base level. And, of course, I am assuming that one of our use cases would either rule out inconsistent policy or require the ability to check for inconsistent policy. On a more positive note, the AAA document does contain useful background info. > -----Original Message----- > From: Damodaran, Suresh [mailto:Suresh_Damodaran@stercomm.com] > Sent: Wednesday, June 27, 2001 9:38 AM > To: 'Simon Y. Blackwell'; 'xacml@lists.oasis-open.org' > Subject: RE: Bibliography > > > I didn't see RFC 3060 at the website, it would be good to add. > > Another article on grammar for policy would be a good one to add too > http://iridal.phys.uu.nl/aaaarch/rfc/draft-irtf-aaaarch-generi > c-pol-00.txt > (Krishna sent this one way back). > > Another interesting article, on Role Based Access Control is > http://patriot.net/~kurt/IEEE-IC-Gutzmann.pdf > Not sure you want to post it at the site. > > -Suresh > > -----Original Message----- > From: Simon Y. Blackwell [mailto:sblackwell@psoom.com] > Sent: Wednesday, June 27, 2001 11:21 AM > To: 'xacml@lists.oasis-open.org' > Subject: Bibliography > > > I am putting together a bibliography/recommend reading list for our > activities. If anyone has any suggestions other than what is > on the site, > please let me know. I am particularly interested in documents > discussing the > +/- of different access control approaches. > > Simon Y. Blackwell > CTO > Psoom, Inc. > Voice & Fax: 415-762-9787 >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC