[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [xacml-comment] Target merging and matching
On 23 July, John Howard writes: Re: [xacml-comment] Target merging and matching > The potential problem with the MatchId is the complexity, from a programming > point of view, of computing a merge. If you allow too much flexibility the > merge software becomes incredibly complex. We have always said that "computing" merged targets is likely to be intractable in many cases. I think in cases such as the one you describe, that the policy writer will write the Target to cover the set of subjects and resources that the policy writer is responsible for covering, then include the rules that should apply, rather than trying to compute the Target from the rules. On the other hand, we are still actively working on the syntax and semantics of Target matching, so it is good to have your examples in front of us as we weigh the trade-offs between various alternatives. Anne Anderson -- Anne H. Anderson Email: Anne.Anderson@Sun.COM Sun Microsystems Laboratories 1 Network Drive,UBUR02-311 Tel: 781/442-0928 Burlington, MA 01803-0902 USA Fax: 781/442-1692
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC