[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [xacml] proposed amendment to Polar's resolution of PM-2-05
i don't wish to dwell on this because i think that we have a decision that all can agree with. > But the much more important reason in the context of this debate, is that > the PEP MUST be a trusted component! The PEP is responsible for enforcement. > If the PEP is subverted, it can ignore what the PDP says and allow any sort > of access it likes. It can even refuse to consult the PDP. rule #1 in hacking: prey upon assumptions. how do you know you are talking to the PEP? implementers can choose to ignore as it may not be worth reducing the desired feature set, however it is a risk. b
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC