Subject: Re: [xacml] proposed amendment to Polar's resolution of PM-2-05
because it provides information on what is necessary to make a decision for granting access. While this sounds appealing from a programmatic perspective, it is a fundamental no-no in a security transaction because it provides feedback for 'safecracking'. In other words, it allows a nefarious entity to 'query' the system for information leading to access.

b

Anne Anderson - Sun Microsystems wrote:
>
> Bill, could you explain your problem? Sometimes a PEP does not want to
> expose to the PDP all possible attribute values, but only those really
> needed. By having the PDP supply a list of those attributes required
> for a decision, the PEP can send only those. In fact, the PDP could
> return a structured set of attributes: "I could return a decision if
> you supply A, B, and C OR D and E."
>
> Another case is to support the Java Policy "getPermissions" API. In
> this case, the PEP supplies a partial list of attributes, and gets back
> a list of Permissions (resource/action pairs) that remain as the only
> unknown attributes after substituting the supplied attributes into all
> the Permit rules. So far, Java Security developers have not indicated
> any requirements for implementing this API, but it is a potential case.
>
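As an added illustration of the trade-off debated above (example code, not part of this thread or of any XACML implementation): a toy PDP that can either return a bare decision or, as Anne proposes, the attributes still needed for a Permit. The policy shape ("A, B, and C OR D and E") is taken from her message; the `trusted_pep` flag, the function names and the response layout are assumptions made for the example, showing one way to keep the hint useful to a PEP without turning the PDP into the oracle Bill describes.

```python
# Constructed example: a minimal policy decision point (PDP) that evaluates
# a request against Permit rules expressed as sets of required attributes.
# The "MissingAttributes" hint is released only to an authenticated PEP, so
# an untrusted requester cannot probe the policy one attribute at a time.

from typing import FrozenSet, Iterable, List

# Constructed policy from the thread: Permit if {A,B,C} or {D,E} are present.
PERMIT_RULES: List[FrozenSet[str]] = [frozenset("ABC"), frozenset("DE")]


def evaluate(supplied: Iterable[str], rules=PERMIT_RULES) -> str:
    """Return "Permit" if any rule's required attributes are all present,
    otherwise "NotApplicable" (a simplified XACML decision)."""
    have = frozenset(supplied)
    return "Permit" if any(rule <= have for rule in rules) else "NotApplicable"


def missing_attribute_sets(supplied: Iterable[str],
                           rules=PERMIT_RULES) -> List[FrozenSet[str]]:
    """For each Permit rule not yet satisfied, the attributes still lacking
    (the structured hint Anne's message describes)."""
    have = frozenset(supplied)
    return [rule - have for rule in rules if not rule <= have]


def decide(supplied: Iterable[str], trusted_pep: bool,
           rules=PERMIT_RULES) -> dict:
    """Build the decision response.  The missing-attribute detail is the
    'safecracking' feedback from Bill's objection: it is attached only when
    the caller is a trusted PEP (assumed to be authenticated out of band),
    never to an arbitrary requester."""
    decision = evaluate(supplied, rules)
    response = {"Decision": decision}
    if decision != "Permit" and trusted_pep:
        response["MissingAttributes"] = missing_attribute_sets(supplied, rules)
    return response
```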