[data-protocols] Access Control

• Previous message: [data-protocols] Access Control
• Next message: [data-protocols] Access Control
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Use cases in theory come up in ScraperWiki - in practice hard wiring
API keys between specific scrapers and other data stores / APIs works
well enough. 

In reverse, private scrapers in ScraperWiki have an API key that gives
access just to that store from other services.

Very granular and lowest common denominator... But works now.

Anything else will need to agree on a higher level structure. I've not
seen enough real use cases to know how that should work.

What's your use case?

Francis

On Sun, Mar 18, 2012 at 11:19:47PM -0400, Haq, Salman wrote:
> Personally, I'm investigating role-based methods.
> 
> In my use-case, I can envision a vast number of 'agents' each associated
> with some notion of 'identity' and 'role' trying to access data with the
> policy enforcement mechanism working transparently. It's possible the
> queries may complete fully, not at all, or partially, based on the
> decision made by the policy enforcement mechanism. The important thing is
> that the decision has be made in 'real-time'.
> 
> XACML is a standard language for describing access policies. It affords a
> lot of flexibility but at the cost of verbosity and complexity. Are there
> other languages for this problem domain?
> 
> Also, do others have different use cases?
> 
> 
> Thanks,
> Shaq
> 
> 
> On 3/18/12 9:00 PM, "Francis Irving" <francis at flourish.org> wrote:
> 
> >That's an excellent question!
> >
> >I'm mildly worried that every data hub, and indeed every piece of
> >enterprise SaaS!, is inventing its own access control method.
> >
> >I've no idea what the best answer is. Anyone?
> >
> >Francis
> >
> >On Sun, Mar 18, 2012 at 08:38:33PM -0400, Haq, Salman wrote:
> >> Hi all,
> >> 
> >> The Data Protocols group is engaged in very useful work. I was curious
> >>if there had been any discussions about access control mechanisms.
> >>Inevitably, any database is usually tempered by access filters and if
> >>people have any ideas about that, I would like to know. I skimmed the
> >>archives about this topic but didn't find anything relevant.
> >> 
> >> Thanks,
> >> Shaq
> >> Architect, Neustar Inc.
> >> 
> >> 
> >
> >> _______________________________________________
> >> data-protocols mailing list
> >> data-protocols at lists.okfn.org
> >> http://lists.okfn.org/mailman/listinfo/data-protocols
> >
> 
> 
> _______________________________________________
> data-protocols mailing list
> data-protocols at lists.okfn.org
> http://lists.okfn.org/mailman/listinfo/data-protocols
> 

• Previous message: [data-protocols] Access Control
• Next message: [data-protocols] Access Control
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]