[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [xacml] Agenda for November 15 Telecon...
i am having trouble coming to grips with this concept in a practical sense. here is an example of something that i work with on a regular basis: content filtering. let's suppose that i want to use a PEP to filter e-mail/news/media feeds, etc. based upon content. here are some examples: ALLOW (the easy stuff) ---------------------- ^From.*root\@.*(mydomain\.net|(mydomain|yourdomain|hisdomain|herdomain)\.com) ^From.*xacml\@lists.oasis-open\.org DENY ---- ^Subject:.*LOVEYOU ^Subject:.*invest.in.credit.card ^Subject:.*[sS]av((e)|(ings))?.up.to DENY ('score' based, may require multiple hits to deny) ---------------------------------------------------- Content: [(no)?(without)?].obligation Content: over.(18|eighteen) Content: bargain Content: (^debt|[ ]debt) Content: save.big Content: no.*fee this is a small sample of the hundreds (if not thousands) of conditions that can be used (i personally have hundreds). conversely, the number of possible character combinations comprising a request is litterally infinite. describing the ALLOWs is easy, but how does one generate a policy that says: deny message if the content contains: (^debt|[ ]debt) ? thanks b Pierangela Samarati wrote: > Hi > > as mentioned in the concall today al the last policy committee > call we discussed the issue of positive (meaning permissions; e.g., > "this principal can access this resource") and negative authorizations > (meaning denials: "this principal cannot access this resources"). > While it is true that you cannot do with permissions alone (many cases > call for more flexibility), it is also true that having denials > complicates the framework (mostly also since when you start having denials > you start thinking of the different semantics that they can carry - and > that who specified the rule may have intended). > > i had proposed an alternative solution inspired by a recent work, which > goes as follows. Distinguish two kinds of rules: > > 1) the ones that specify sufficient conditions (which are the permissions > above) > > 2) the ones that specify necessary conditions. > > instead of repeating descriptions and examples here, i am attaching you a > file of that work where the two forms of rules are introduced (Section > 4.2). Of course our language is different as more expressive; but that > gives the idea. > > only one thing, what i call "subject" > there is our "principal", what i call "object" is our "resource" > > pls just send me email (or post the group) for any clarification that may > be needed, and any comments. > > best > -p
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC