[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [xacml] Re: Boolean Policy resolution
conversely you have the example: your dept wants to make sure that requirements of corporate AND department are met before allowing access. someone at corporate enters a typo that causes the policy to return 'not applicable'. user granted access even though they would have been denied such access had the policy been written correctly. b >>kinda pulls the teeth from an AND clause, doesn't it? >> > > I disagree. A predicate evaluates to "NOT-APPLICABLE" if the policy > was not intended to apply to the authorization query that is presented. > So removing the predicate from the calculation fits the natural semantics.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC