[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [regrep] ebXML Registry and Dublin Core
<Quote> the true potential for XACML is as a 'single sign-on' gateway </Quote> I know exactly what you meant, but mixing the terms "single sign-on" and access control is often dangerous. Most folks associate SSO with SAML/Liberty Alliance, which is all on the authentication side of things (which includes identity management). Access control assumes that the user/resource has already been authenticated, and - now knowing that their identity is valid - what resources they have access to, at what level, in what manner etc. <Quote> let us not forget Dublin Core. IMHO the registry should allow both the DC core & extended elements to be applied to any and all types of objects. i.e. expand the information that is known about a particular asset </Quote> Yes - I think a mapping between Dublin Core metadata and our RIM would be very useful. Then the Content Indexer could be used to perform the translation between the 2. David Webber mentioned GILS (Global Information Locator Service) to Farrukh and I recently - there is a GILS/Dublin Core crosswalk available. So if we support GILS, we can support Dublin Core through the crosswalk (if we choose that approach). There also exists a crosswalk between GILS and UDDI - so we could have UDDI --> GILS --> ebXML Registry as well. Joe Carl Mattocks wrote: > > In the world of large organizations (the world they create) direct access to databases is strictly limited to DBAs and approved applications. IMHO (similar to Joe) the true potential for XACML is as a 'single sign-on' gateway to many information sources (database and other CMSs). > > Regarding standard for CMS - let us not forget Dublin Core. IMHO the registry should allow both the DC core & extended elements to be applied to any and all types of objects. i.e. expand the information that is known about a particular asset . > > > <Quote> > > But looking at this from the customer's point of view -- they're > > accustomed to defining access control policies in the database. > > > > Absolutely - the human factor and change management is always an > > important consideration (it's often a deal maker or breaker). An "XACML > > Gateway" from the large database vendors might help solve this. > > carl > Carl Mattocks > CEO CHECKMi > e-mail: CarlMattocks@checkmi.com > ******************************************* > Business Agent Software that > Secures Knowledge for Reputation:Protection > ******************************************* > CHECKMi Compendium the shortcut to Valued & Trusted Knowledge > ******************************************* > www.checkmi.com > (usa)1-908-322-8715
begin:vcard n:Chiusano;Joseph tel;work:(703) 902-6923 x-mozilla-html:FALSE url:www.bah.com org:Booz | Allen | Hamilton;IT Digital Strategies Team adr:;;8283 Greensboro Drive;McLean;VA;22012; version:2.1 email;internet:chiusano_joseph@bah.com title:Senior Consultant fn:Joseph M. Chiusano end:vcard
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]