Re: how to go about creating a new vocab?

On 5/2/13 12:13 PM, Marian, Radu wrote:
> Alex,
>
> Thank you - I did see them both.  They may satisfy basic Web and Social access control needs.
>
> However our goal is to standardize on an IAM vocabulary in Cloud/Enterprise. It should cover all IAM phases - Access Design, Request, Approval, Provisioning, Runtime, Review, Analytics, and Reconciliation.

The suggested vocabularies aren't Web specific per se.

At all phases (as per your list above) there are resources being created 
(enterprise or Web accessible) to which access controls apply. Thus, you 
need to align identities and machine- and human-readable entity 
relationship semantics that manifest as resource access controls or data 
access policies..
>
> Here is the latest model snapshot https://www.oasis-open.org/apps/org/workgroup/cloudauthz/download.php/49053/entitlement.ontology.png
>
> P.S. I am working on a write-up to describe this model.

BTW -- The PNG resource isn't accessible. Are you planning to mark this 
up using some machine readable notation etc?

Here are some examples of the Web Access Control ontology in action:

1. http://kingsley.idehen.net/DAV/home/kidehen/Public/ -- although this 
folder has a cocktail of access controls that determine what identities 
can do what (via the HTML UI or raw HTTP )

2.  http://bit.ly/UXZEYV -- G+ note about multi-identifier and 
multi-authentication protocol approach to acls (note: this is all driven 
by the Web Access Control ontology) .

Conclusion:

There's a lot to gain from the Web Access Control vocabulary/ontology in 
its current form, as a building block.

Kingsley
>
> Regards,
> Radu Marian, MSCS, SCEA, CISSP
> Bank of America - Charlotte, NC
> VP, Architect 2, Enterprise Security Architecture
> Business phone number: (704) 628-6874
> an Enterprise without Ontology is like a country without a map.
>
>
>
>


-- 

Regards,

Kingsley Idehen	
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen

Received on Thursday, 2 May 2013 20:43:36 UTC