...
- Address concerns with current design:
- persistence of ACLs for external nodes
- limitations of implemented inheritance/override model
- Overview of XACML policies and policy sets
- peek at the JBOSS policy engine
- Begin a new XACML design page, i.e. mapping XACML to fedora authz delegate, etc..
- How to specify effective XACML policies for a given node/region?
- How and where to persist policy objects?
- How to map Fedora metadata into XACML request/context attributes
- which attributes are always in the XACML request context?
- which attributes are also available to policies via the attribute finder?
- More???
Discussion Items
Time | Item | Who | Notes |
---|---|---|---|
...