[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

HRAC decision object locality constrained?

To: hrac-rfp@cs.fiu.edu
Subject: HRAC decision object locality constrained?
From: Konstantin Beznosov <beznosov@baptisthealth.net>
Date: Mon, 13 Jul 1998 13:08:12 -0400 (EDT)
Reply-To: Konstantin Beznosov <beznosov@baptisthealth.net>
Sender: owner-hrac-rfp@cs.fiu.edu

We discussed during last conference call the issue of having QoP as one more
factor in making authorization decisions.

We decided to stay away from including QoP into the list of parameters for
access_allowed method. The decision had 2 rationales:

1. Not everyone will need it
2. QoP can be obtained via Current provided that the HRAC decision object is
locality constrained (LC).

Here is the question: Why should we impose the restriction of the HRAC decision
object to be LC?

As far as I understand, making an interface is considered to be a last resort.
If my understanding is true, then we want to have better than just "because of
QoP" justification of making the decision interface to be LC. 

Any thoughts?

Konstantin


----------------
Broadcast message to hrac-rfp from Konstantin Beznosov <beznosov@baptisthealth.net>.
Go to http://cadse.cs.fiu.edu/omg/hrac-rfp to browse the mail list archive.

Prev by Date: Re: Call in #'s
Next by Date: fwd: Re: ideas about the decision interface
Prev by thread: Re: Call in #'s
Next by thread: Re: HRAC decision object locality constrained?
Index(es):
- Date
- Thread