Subject: RE: [xacml] BTG issues
> -----Original Message-----
> From: David Chadwick [mailto:email@example.com]
> Sent: Thursday, April 28, 2011 8:19 PM
> To: xacml
> Subject: [xacml] BTG issues
>
> 2. Should there be a standardised BTG response from the PDP (vs. user
> knows by magic that he can break the glass). Majority in favour of this
> but it's not yet unanimous.

+1

> 3. When the BTG action is granted, should there be either an obligation
> in the policy to set the BTG state vs. a special purpose application
> such as a Glass manager that knows it has to set the state. There is no
> agreement on this issue yet.

I prefer an obligation, since that doesn't require the introduction of yet another component into the architecture. The answer depends on issue 5 as well. If we generalize, does it still make sense to talk about a Glass Manager?

> 5. Can BTG be made into a more generic model (e.g. to include dynamic
> roles or alert status) rather than being specific to BTG. David proposed
> yes, if we replace BTG by the general concept of a third class of user
> who is entitled to override a Deny if he is willing to take the
> consequences, then we can remove all mention of BTG and call it
> Controlled Access Override

Does anyone have a use case other than BTG that would fit the generalization?

> 6. Should different mechanisms be used for inter-organisational use
> case vs. intra-organisational use case. David proposes this issue is out of
> scope of the discussion since it is not an issue addressed in general
> by XACML.

I agree it is out of scope.

> 7. Should the standardised BTG response (if there is one) contain advice
> to the user which details the obligations that will be carried out if he
> decides to override the deny (so the user knows in advance what the
> outcomes of his override will be). General feeling that this is a good
> thing.

+1

> 8. What are the dimensions of the state attribute and should it be
> standardised how these dimensions are specified? This issue was not
> discussed in the call today, but has been raised on the list. There
> seems to be general agreement that the state is multi-dimensional and
> based on attributes of the subject, action, resource and environment.

Does that mean that a doctor must BTG *for every bit of separate information* about a given patient while he's in a hurry trying to save that patient's life?
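As an added illustration that is not part of this thread or of any XACML committee draft, here is how issues 2, 3, 7 and 8 above could be expressed in an XACML 3.0 policy: the override action is permitted for the override-entitled class of user with an obligation telling the PEP to set the BTG state (no separate Glass Manager), and the ordinary Deny carries advice that the override is available and what its consequences are. The identifiers under urn:example:btg are assumptions, and the rules for ordinary access (including the one that would later read the state attribute the obligation sets) are omitted.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Constructed example: everything under urn:example:btg is an assumed identifier -->
<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17"
        PolicyId="urn:example:btg:patient-record" Version="1.0"
        RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:first-applicable">
  <Target/>
  <!-- Issue 3: the break-glass action is permitted for the override-entitled class of
       user, and an obligation tells the PEP to set the BTG state (no Glass Manager) -->
  <Rule RuleId="permit-break-glass" Effect="Permit">
    <Target><AnyOf><AllOf>
      <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">break-glass</AttributeValue>
        <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action"
            AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"
            DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"/>
      </Match>
      <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">override-entitled</AttributeValue>
        <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"
            AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role"
            DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
      </Match>
    </AllOf></AnyOf></Target>
    <ObligationExpressions>
      <!-- Issue 8: the state is keyed on the subject (known to the PEP from the request)
           and on the patient record, so one override covers the whole record rather
           than every separate item of information in it -->
      <ObligationExpression ObligationId="urn:example:btg:set-state" FulfillOn="Permit">
        <AttributeAssignmentExpression AttributeId="urn:example:btg:resource">
          <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"
              AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"
              DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"/>
        </AttributeAssignmentExpression>
      </ObligationExpression>
    </ObligationExpressions>
  </Rule>
  <!-- Issues 2 and 7: the standard Deny carries advice that an override is available
       and what the consequences will be, so the user need not know "by magic" -->
  <Rule RuleId="deny-with-btg-advice" Effect="Deny">
    <AdviceExpressions>
      <AdviceExpression AdviceId="urn:example:btg:override-available" AppliesTo="Deny">
        <AttributeAssignmentExpression AttributeId="urn:example:btg:consequences">
          <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Override is audited and reported to the record custodian</AttributeValue>
        </AttributeAssignmentExpression>
      </AdviceExpression>
    </AdviceExpressions>
  </Rule>
</Policy>
```

The PEP that receives the Permit with the urn:example:btg:set-state obligation records the (subject, resource-id) pair; a later ordinary-access rule can then test that state with an AttributeDesignator instead of requiring a fresh override per data item.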