Changes between Version 28 and Version 29 of Internal/Rbac/OrbitRbacDesign/ThreatAnalysis


Ignore:
Timestamp:
Sep 29, 2006, 7:11:31 PM (18 years ago)
Author:
anonymous
Comment:

Legend:

Unmodified
Added
Removed
Modified

  • Internal/Rbac/OrbitRbacDesign/ThreatAnalysis

    v28 v29  
    3636Are there any requirements related to version control?  Is it safe to assume that each project will keep track of it?
    3737
    38 Although it does not seem likely with the current ORBIT resources, it is possible that access to some resources, e.g., special instruments, might be limited to protect them from overuse or damage or just to keep the in calibration.http://lists.oasis-open.org/archives/xacml/200404/msg00036.html
     38Although it does not seem likely with the current ORBIT resources, it is possible that access to some resources, e.g., special instruments, might be limited to protect them from overuse or damage or just to keep the in calibration.
    3939
    4040Are there any other threats that might require the use of RBAC with ORBIT?
     
    5151
    5252It is assumed that access control will not need to interface with cost accounting.  It is assumed that any denial of access to overdrawn users will be enforced by user authentication.  If it is required to enforce project-level denial of access due to cost considerations it might be possible to enforce it when an already authorized user attempts to select that project or when he or she accesses an object with a cost associated with it.
    53 http://lists.oasis-open.org/archives/xacml/200404/msg00036.html
    5453
    5554It is probably a good idea to maintain Unicode compatibility (UTF-8 encoding) with user and project names for international use.