Subject: RE: [cloudauthz] Groups - CloudAuthZ-usecases-v1.0-1a-BAC-usecases-added.docx uploaded
Hello,

I had some minor comments about the use-case document. I have a permanent conflict with the TC calls so I haven’t been able to attend them recently but I will follow up on the mailing list if these comments are discussed.

- Use-Case 2 (Integrity Indices): We need to clarify whether we are considering Biba-style discrete integrity labels, or a floating-point fuzzy integrity level. The complexity of the model and the mathematics for policy evaluation will be very different based upon this and this will also determine what existing technology can be used to enforce such policies. I think the same about the “risk-based access control” use case.
- Use-Case 3 (Entitlement Catalogue): Is anyone aware of a standard vocabulary for business/workflow tasks in an area other than healthcare? The idea is great but I am trying to clarify its feasibility. Also, I suggest considering a semantically-connected set (ontology) of business tasks rather than a flat list as this can be important in capturing some more advanced policies that care about the relations between different business tasks; e.g. “the employee is entitled to ‘send an email to a customer’ only if this task is part of the ‘billing’ task.”

Regards,
Mohammad Jafari, Ph.D.
Security Architect, Edmond Scientific Company

From: cloudauthz@lists.oasis-open.org [mailto:cloudauthz@lists.oasis-open.org] On Behalf Of Radu Marian