- From: SULLIVAN, BRYAN L (ATTCINW) <BS3131@att.com>
- Date: Wed, 3 Mar 2010 08:21:35 -0800
- To: "Nilsson, Claes1" <Claes1.Nilsson@sonyericsson.com>, "Robin Berjon" <robin@robineko.com>
- Cc: <public-device-apis@w3.org>, "Apelqvist, Johan" <Johan.Apelqvist@sonyericsson.com>
Claes, As noted in my response to Mark's note about a "proxy provider" concept (http://lists.w3.org/Archives/Public/public-device-apis/2010Mar/0057.htm l), I think there is conceptual agreement here on "a "DAP Web Server" could be considered as a local Provider and be installed as part of the Powerbox "Provider Registration" process". It sounds like the DAP Web Server acting as a proxy, can take on the role of proxy provider and be installed as you say. I also agree with the other points you make. These are key options to address the various user preferences for manual or automated security controls. Thanks, Bryan Sullivan | AT&T -----Original Message----- From: Nilsson, Claes1 [mailto:Claes1.Nilsson@sonyericsson.com] Sent: Wednesday, March 03, 2010 6:30 AM To: SULLIVAN, BRYAN L (ATTCINW); Robin Berjon Cc: public-device-apis@w3.org; Apelqvist, Johan Subject: RE: REST: DAP Web Server to access to local resources Thanks Bryan, The first time a user accesses a web application that wants to access device resources provided by the "DAP Web Server" the "Auth" function provides user interaction to grant access to requested resources. Once the requested resource(s) are granted the user do not have to grant access the next time the application is accessed as long as the resource(s) are not changed. Basically the "manager" allows the user to manually withdraw previously granted permissions for web applications access to Device Resources. In addition the "manager" may provide the possibility for the user to pre-configure an access policy. For example, the user could state that only web applications whose origin is "operator" and "vendor" are allowed to access the contacts API. Optionally a "pre-arranged trust policy" framework, "Policy", may exist as indicated in the figures. The "manager" might correspond to the Bondi policy info/decision/enforcement point. I need to look more at the Bondi architecture to give a more substantial answer. Something that have to be considered is whether this fits into the Powerbox concept, i.e. if a "DAP Web Server" could be considered as a local Provider and be installed as part of the Powerbox "Provider Registration" process. Best regards Claes > -----Original Message----- > From: SULLIVAN, BRYAN L (ATTCINW) [mailto:BS3131@att.com] > Sent: onsdag den 3 mars 2010 07:39 > To: Nilsson, Claes1; Robin Berjon > Cc: public-device-apis@w3.org; Apelqvist, Johan > Subject: RE: REST: DAP Web Server to access to local resources > > Claes, > > The proposal looks good. The role of the "manager" as I understand it > is > equivalent to the web runtime's collective roles of policy > info/decision/enforcement point in the BONDI architecture. This is also > what I pointed out in response to Richard's proposal, i.e. re the > OpenProvider Container, which I think has the same role as the manager > in your diagrams. > > The question I have for Powerbox is whether the authors intend it to be > sufficiently context-aware, so that it can act in this policy role. > > Thanks, > Bryan Sullivan | AT&T > -----Original Message----- > From: public-device-apis-request@w3.org > [mailto:public-device-apis-request@w3.org] On Behalf Of Nilsson, Claes1 > Sent: Monday, March 01, 2010 8:56 AM > To: 'Robin Berjon' > Cc: 'public-device-apis@w3.org'; Apelqvist, Johan > Subject: RE: REST: DAP Web Server to access to local resources > > Hi Again, > > I tried to attach the presentation as a pdf but it didn't get out on > the > DAP list. So I posted it to the W3C general archive instead (thanks for > your advice Dom). Here is the link: > http://lists.w3.org/Archives/Public/www-archive/2010Mar/att-0004/SEMC_- > _ > Local_REST_APIs.pdf > > Here is the text from my original mail again: > > Based on research and prototyping by a colleague at SEMC I submit a > proposal for how API access control through "user authorization" and/or > "pre-arranged trust" through a policy framework can fit into a REST > based architecture. > > This work has been done independently of the "Powerbox" proposal but > currently I do not see any contradictions with the Google proposal. > > Best regards > Claes > > > -----Original Message----- > > From: Robin Berjon [mailto:robin@robineko.com] > > Sent: onsdag den 24 februari 2010 17:39 > > To: Nilsson, Claes1 > > Cc: 'public-device-apis@w3.org'; Apelqvist, Johan > > Subject: Re: REST: DAP Web Server to access to local resources > > > > Hi Claes, > > > > On Feb 24, 2010, at 15:37 , Nilsson, Claes1 wrote: > > > I understand that our submission comes too late for a discussion at > > today's phone conference but hopefully we can have a discussion at > the > > next week's meeting. > > > > Thanks a lot for submitting this, we will definitely look at it > closely. > > However, I don't want to be too much of a fascist but would you mind > > resending it in a format that we can read more easily (HTML, or > failing > > that PDF)? That would also make it easier for people who read the > list > > through the mail archives. > > > > Cheers! > > > > -- > > Robin Berjon > > robineko - hired gun, higher standards > > http://robineko.com/ > > > > > > >
Received on Wednesday, 3 March 2010 16:22:24 UTC