Re: TAC + roles + resource access control = UAC

On 9/5/12 12:08 PM, Luca Costabello wrote:
> Kingsley, just a side note: in Shi3ld, we deliberately chose not to 
> rely on access control lists. Instead, we adopt an attribute-based 
> authorization mechanism. This allows us to offer more expressive 
> access control policies, such as location-based or time based 
> policies. As a side note, we also use SPARQL ASKS to verify access 
> conditions.
My point is that are doing something similar but in a manner that works 
with any ACL ontology. SPARQL ASK is the last resort, and even then, it 
uses patterns based on terms from the ACL ontology.

As per usual, I am proposing loose coupling of these things.

-- 

Regards,

Kingsley Idehen 
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen

Received on Thursday, 6 September 2012 12:04:44 UTC