[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Object model] Object model proposal from Dave Chizmadia
David,
here is my comments on the design model and ideas in the text that you sent on
7/23:
Main points:
o I understood the idea of template repository as a way to avoid passing
syntactic description of the information passed as a resource parameter in
access_allowed() method. The question is why is it better than passing
syntactic description of the data with the data itself during each invocation.
o It looks to me that your model compliments Bob Blakley's model because his
one is mostly concerned with the design of ADO. Yours depicts ADO as an opaque
item. Is my understanding that the models compliment each other correct?
Minor points:
o You introduce one more name -- "HRACCapability". I suggest to decide finally
how we call this animal in order to avoid further confusion among us and
outside people. In relation to this, I'm posting one more issue that the team
needs to resolve before the final submission. It's the following:
"HRAC" stands for healthcare resource access control. Clearly, the
functionality for which the RFP is asking (and what a submission is supposed to
specify) is concern only with making authorization decisions, i.e. no actual
access control is in the scope of the RFP. Thus, the specified functionality
should be renamed from "access control" to something else that would reflect
the fact that it specifies only authorization decision part, i.e. not control.
o You mention that "we seem to want" operation extensibility. I'm not sure
about it.
o I agree that from architectural point of view, it does not make sense to have
multiple_action_access_allowed() and access_allowed(), because someone can pass
a sequence consisting only of one element.
o I like the idea with policy repository.
Konstantin
----------------
Broadcast message to hrac-rfp from Konstantin Beznosov <beznosov@baptisthealth.net>.
Go to http://cadse.cs.fiu.edu/omg/hrac-rfp to browse the mail list archive.