[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [xacml] Updated policy template wiki
Hi Jean-Paul, > -----Original Message----- > From: xacml@lists.oasis-open.org [mailto:xacml@lists.oasis-open.org] On > Behalf Of Jean-Paul Buu-Sao > Sent: Wednesday, October 10, 2012 9:46 AM > To: Erik Rissanen; Steven Legg > Cc: Danny Thorpe; xacml@lists.oasis-open.org > Subject: RE: [xacml] Updated policy template wiki > > 1a) I have a very large number of policies (say, N > 10000) that are all > identical, except for the constant values that contain in their access rules. > Every single one of these policies has a unique identity. > 1b) We build one template which, given the correct dataset, can produce the > same N policy instances > > Let now introduce the modality. There are two use-cases: > > 2a) The policy authority uses the template mechanism to ease the > production of the N policy instances, which are all produced before being > distributed for execution. Organizations implementing the policy do not see > the policy template, only the N policy instances > 2b) The policy authority distributes the its policy template to organizations. > Each organization need to supply n policy data (n is a small number, typically > between 1 and 100) which, combined with the policy template, produces n > policy instances > > The "iteration" can occur on either 2a or 2b (i.e. iterate through N policy data, > or through n policy data). Objective is to produce the N or n policy instances. I'm still confused. What do N and n represent? Is the "policy data" in "N policy data" and "n policy data" the same? If not, then please use different terms. Also, something more specific than "data" would help me. Thanks, Ray
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]