[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [xacml] XACML Issues List Version 01
Hi, > I too would like to see actions in this context. in today's TC concall, some people mentioned that "action" is already used with different semantics (=the operation the principal is requesting). that's true, so we should find another term. the point is, however, that the semantics of "postconditions" now seems really to be a reaction of the system, not the evaluation of a state, so terminology should reflect the semantics. > However, I have a question. What is the purpose for actions (i.e. these > post conditions) after checking a policy? What types of actions are > allowed? examples that were brough up for post-conditions were things like "logging the request", essentially they are actions that the system executes in response to granting an access, or simply having evaluated the authorizations (discussion on the specific behavior is still open). > Do they change the state of the policy? if you mean the set of rules i guess the answer is no (they should not change the rules). but again, post-conditions are one of the issues which have not discussed fully. best -p
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC