[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [xacml] Obligations
In this model (deed, deadline, sanction) what party is taking on responsibility on applying sanction? Simon ----- Original Message ----- From: "Polar Humenn" <polar@syr.edu> To: "XACML" <xacml@lists.oasis-open.org> Sent: Monday, February 25, 2002 6:45 AM Subject: [xacml] Obligations > > I don't like the proposal that if the PEP cannot perform all intended > obligations on a Permit that the access decision should be "Deny". > > It really begs the question of the PDP knowing what the PEP can or cannot > fulfill in its policy evaluation, because it implies that if the > obligation cannot be fulfilled by the PEP, that according to the proposal, > it is actually really a Deny. > > Even leaving the PDP out of it, the PEP may not know if it could fulfill > any operations until the PEP actually tries it. In simplist scenario, the > obligation may not even terminate, or may be something like "delete record > after 60 days" as has been pointed out. > > I think there may solution for that problem which is illustrated in a > paper by Nafty Minsky. It's quite old, 1985, but might be to the point. > The citation is below. I'll put the approach in our context: > > Since the PDP is asked by the PEP for a specific access request, we might > want the PEP (or some other entity under control of the PEP) to keep track > of enacted obligations and make sure that they are fulfiled. > > Obligations have the form of a triple of (deed,deadline,saction) where the > semantics are to the PEP: The obligation says that the deed must be > fullfilled by the deadline, or else the sanction will be executed (i.e. > rectifying the situation). No, the sanction cannot be "deny". > > You have to take the following philosophy: > > Access has been granted with certain obligations and if obligations are > not fullfiled (by the deadline), then something is done to rectify the > situation, i.e. possibly: for being granted access some punishment is upon > you for not fullfilling the obligations. > > This approach allows the PDP to tell the PEP what to do in the event that > the PEP cannot enforce the obligations to be met, within some time frame, > instead trying to figure out whether obligations like (delete record in 60 > days) can be fullfiled. > > The Citation. It is avalable off of the ACM Portal. > > Proceedings of the 8th international conference on Software engineering > 1985 , London, England > > Ensuring integrity by adding obligations to privileges > > Authors > Naftaly H. Minsky > Abe D. Lockman > > Sponsors > IEEE-CS : Computer Society > SIGSOFT : ACM Special Interest Group on Software Engineering > > Publisher > IEEE Computer Society Press Los Alamitos, CA, USA > > Pages: 92 - 102 Proceeding-Article > Year of Publication: 1985 > ISBN:0-8186-0620-7 > > > Cheers, > -Polar > > > > > > ---------------------------------------------------------------- > To subscribe or unsubscribe from this elist use the subscription > manager: <http://lists.oasis-open.org/ob/adm.pl> > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC