[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [xacml] [CR] Add Default-deny policy combination algorithm
On 22 August, Polar Humenn writes: Re: [xacml] [CR] Add Default-deny policy combination algorithm > If we add that, we should probably add the analogous "Default-permit" > algorithm as well to keep it semmetric. Default-deny is needed to prevent security breaches, such as having web services interpret NotApplicable as "Permit", where this is not the intent. Default-permit might be nice for symmetry, but it is not necessary. Anne -- Anne H. Anderson Email: Anne.Anderson@Sun.COM Sun Microsystems Laboratories 1 Network Drive,UBUR02-311 Tel: 781/442-0928 Burlington, MA 01803-0902 USA Fax: 781/442-1692
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC