Access Control Charter

For access control, I was thinking, we need to define two collection resources.
One, a collection of identities, populated by enumeration or some sort of pattern
and the other a collection of resources, populated by enumeration or query.
For access control you connect a collection of the Ids with a collection of resources
specifying the privileges afforded.  The connection could be made by the person
who manages the server or it could be made by a policy.

Does this make sense?
-- 
All the best, Ashok

Received on Saturday, 26 April 2014 15:42:54 UTC