Hi (David), I have two simple connected questions:
Is JACC basically a RBAC (Role Based Access Control) system? If it's, do you think its model can be mapped onto the following RBAC model: http://csrc.nist.gov/rbac/rbacSTD-ACM.pdf ? The NIST model for RBAC is quite sophisticated and can meet most of the RBAC model requirements. We cannot implement this fast and it's not our first priority but I am just dropping an email to keep this in mind. We would also like to support XACML and its RBAC module in the future so we'll have a stable core and a service layer that can easily be adopted by providers as JACC. Lots of TODO.. :-) Cheers, -- Ersin
