[higgins-dev] Re: Revised access control policy Entity modeling

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

[higgins-dev] Re: Revised access control policy Entity modeling

From: "Jim Sermersheim" <jimse@xxxxxxxxxx>
Date: Thu, 26 Jun 2008 13:33:05 -0600
Delivered-to: higgins-dev@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/higgins-dev>
List-help: <mailto:higgins-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/higgins-dev>, <mailto:higgins-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/listinfo/higgins-dev>, <mailto:higgins-dev-request@eclipse.org?subject=unsubscribe>

Why is the operation represented as an entity? Is it more complex than a simple URI?

>>> Paul Trevithick <paul@xxxxxxxxxxxxxxxxx> 06/26/08 11:15 AM >>>

Hi Jim,

After conversations with Drummond, it appears that there is a simpler way to model the access control semantics of a PolicyEntity. The new proposal is shown below and attached as a TIFF. Only one of the higgins:subject arcs shown below would be needed in the simplest case, but I drew both to show both possible kinds of subjects. As I hope is self-evident, the example below states that subject E3 and subject E4 are permitted <some kind of operation> (e.g. higgins:get, higgins:mod, higgins:del) on Entity E1 (that is, any or all Attributes of E1).

-Paul

Follow-Ups:
- RE: [higgins-dev] Re: Revised access control policy Entity modeling
  - From: Drummond Reed

References:
- [higgins-dev] Revised access control policy Entity modeling
  - From: Paul Trevithick

Prev by Date: Re: [higgins-dev] IdAS interface questions
Next by Date: RE: [higgins-dev] Re: Revised access control policy Entity modeling
Previous by thread: [higgins-dev] Revised access control policy Entity modeling
Next by thread: RE: [higgins-dev] Re: Revised access control policy Entity modeling
Index(es):
- Date
- Thread

Breadcrumbs