OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [xacml] BTG issues

> -----Original Message-----
> From: David Chadwick [mailto:d.w.chadwick@kent.ac.uk]
> Sent: Thursday, April 28, 2011 8:19 PM
> To: xacml
> Subject: [xacml] BTG issues
> 2. Should there be a standardised BTG response from the PDP (vs. user
> knows by magic that he can break the glass). Majority in favour of this
> but its not yet unanimous.


> 3. When the BTG action is granted, should there be either an obligation
> in the policy to set the BTG state vs. a special purpose application
> such as a Glass manager that knows it has to set the state. There is no
> agreement on this issue yet.

I prefer an obligation, since that doesn't require the introduction of yet another component into the architecture.
The answer depends on issue 5 as well. If we generalize, does it still make sense to talk about a Glass Manager?

> 5. Can BTG be made into a more generic model (e.g. to include dynamic
> roles or alert status) rather than being specific to BTG. David
> proposed
> yes, if we replace BTG by the general concept of a third class of user
> who is entitled to override a Deny if he is willing to take the
> consequences, then we can remove all mention to BTG and call it
> Controlled Access Override

Does anyone have a use case other than BTG that would fit the generalization?

> 6. Should different mechanisms be used for inter organisational use
> case vs. intra organisational use case. David proposes this issue is out of
> scope of the discussion since it is not an issue addressed in general
> by XACML.

I agree it is out of scope.

> 7. Should the standardised BTG response (if there is one) contain advice
> to the user which details the obligations that will be carried out if he
> decides to override the deny (so the user knows in advance what the
> outcomes of his override will be). General feeling that this is a good
> thing.


> 8. What are the dimensions of the state attribute and should it be
> standardised how these dimensions are specified? This issue was not
> discussed in the call today, but has been raised on the list. There
> seems to be general agreement that the state is multi-dimensional and
> based on attributes of the subject, action, resource and environment.

Does that mean that a doctor must BTG *for every bit of separate information* about a given patient while he's in a hurry trying to save that patient's life?

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]