[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [wsia][wsia-requirements][R150 - R153]
The security subcommittee has been working on identifying security related requirements. Looking at the current requirement numbering, I'll assign these numbers in the range R150-R199 so we can cleanly discuss them prior to adding them into the requirements document. R150 The authentication state of the End-User MUST be represented in the Producer's context data. This authentication state SHOULD be modifiable by the Producer, Consumer and End-User. R151 A Producer SHOULD timeout the authentication state of an End-User separately from any other timeout. R152 The specification MUST allow a Consumer to offer Single SignOn (SSO) functionality. R153 It SHOULD to make the communication channels private and/or integral such that message modifications are detectable. A Producer SHOULD be able to specify Access Control for its context data. Producers MUST generate an error on invalid access attempts.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC