Subject: RE: [xacml] Proposed semantics for operations involving INDETERMINATE


On Tue, 23 Jul 2002, bill parducci wrote:

> > >> The client shouldn't know what the operational errors of the PDP actually
> > >> are. If it does, it breaks encapsulation of the PDP, and causes the
> > >> clients of a PDP to worry about a lot more than Access Decisions, but also
> > >> problems with the PDP.
> >
> > >indeed! we break encapsulation at this level and we abandon all hope of
> > >interoperability (we teeter perilously close to the abyss as it is...)
> >
> > Completely disagree.  Every single security system differentiates between,
> > say, "incorrect password" and "service not available".
>
> Incorrect password--when passed *as one of the parameters* in the
> query--is NOT an operational error. it is reasonable therefore, to have
> defined a legitimate response reflecting the action taken. what is not
> appropriate is expecting the PEP to take action because someone changed
> the PDP's authentication information to access the PRP (preventing
> policy retrieval): that is an operational error.

I may call that an operational error for the PDP, but not for the PEP.
That information shouldn't even float to the PEP, as you say below. The
PDP should decide what to do with *its* operational error and return a
proper result to the PEP.

-Polar

> > In fact what we are discussing is that functions in the constraint may
> > "throw exception", beside returning "true" or "false".  I think we do
> > need clear protocol to communicate that - we should not lump together a
> > case when no applicable rule was found with the case of database
> > connection timed out..
>
> i fundamentally disagree. you are asking the authorization decision
> conversation to encompass operational behaviors. to what end? let's
> assume that there is a throw deep within the bowels of some external
> function during policy evaluation. what is the PEP supposed to do with
> that information? and if it doesn't understand the context of the
> message?
>
> b
>
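An added illustration of the separation Polar argues for above (not code from the thread or from any XACML implementation): the PDP catches the operational error raised by a hypothetical policy-retrieval connector and returns Indeterminate with a generic status code, keeping that distinct from NotApplicable, while a deny-biased PEP keys only off the decision. The policy set, the PRP stubs and the request dict are constructed; the status-code URNs are the XACML 1.0 ones.

```python
from dataclasses import dataclass
from enum import Enum


class Decision(Enum):
    """The four decision values a PDP may return to a PEP."""
    PERMIT = "Permit"
    DENY = "Deny"
    NOT_APPLICABLE = "NotApplicable"
    INDETERMINATE = "Indeterminate"


# XACML 1.0 status-code identifiers carried alongside the decision.
STATUS_OK = "urn:oasis:names:tc:xacml:1.0:status:ok"
STATUS_PROCESSING_ERROR = "urn:oasis:names:tc:xacml:1.0:status:processing-error"


@dataclass(frozen=True)
class Result:
    decision: Decision
    status: str


class PolicyRetrievalError(Exception):
    """Raised by the hypothetical PRP connector, e.g. on a timeout or bad credentials."""


def evaluate(request: dict, fetch_policies) -> Result:
    """PDP entry point: a Result is the only thing that ever reaches the PEP.

    fetch_policies(request) returns (predicate, effect) pairs; the first
    predicate that matches the request decides the effect.
    """
    try:
        policies = fetch_policies(request)
    except PolicyRetrievalError:
        # The operational error stays inside the PDP: the PEP sees Indeterminate
        # plus a generic status code, never the cause or a stack trace.
        return Result(Decision.INDETERMINATE, STATUS_PROCESSING_ERROR)
    for matches, effect in policies:
        if matches(request):
            return Result(effect, STATUS_OK)
    # No rule applied: reported distinctly from an error, as the thread asks.
    return Result(Decision.NOT_APPLICABLE, STATUS_OK)


def deny_biased_pep(result: Result) -> bool:
    """Deny-biased PEP: grant access only on an explicit Permit."""
    return result.decision is Decision.PERMIT


# Constructed sample policy set and two PRP stubs (one healthy, one failing).
SAMPLE_POLICIES = [(lambda r: r.get("role") == "admin", Decision.PERMIT)]
prp_ok = lambda request: SAMPLE_POLICIES
def prp_timeout(request):
    raise PolicyRetrievalError("PRP credentials rejected (constructed)")
```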


