Another cool thing about having a SDO DAS is that EMF works very well with Biz Rules. See:
http://www.eclipse.org/articles/Article-Rule Modeling With EMF/article.html We're starting the design discussions around it on the Tuscany dev list if anyone is interested. --- Stephane Bailliez <[EMAIL PROTECTED]> wrote: > > > Ersin Er wrote: > >> > These can be extended to the following > entities: > >> > > >> > Policies > >> > Subjects > >> > Rules > >> > Conditions > >> > >> Where is this from? Is this SUN's commercialized > names for things they > >> have in their access control manager? > > > > Well, these are not only SUN's terminology but > generic entity > > descriptors that needs to be provided by a > powerful access control > > system. > > > > What we call Users and Roles in Triplesec can be > extended to the term > > Subject. > > > > We don't have anything like Rules, although we > must have. We just use > > abstract strings as David said. But this is not > for controlling access > > but for storing abstract permission information. > > > > And Conditions are still a required property. > Beyond selecting the > > subjects and resources, we may need to satisfy > more conditions like > > Authentication Level, IP Address, LDAP Filter, > Time etc. > > > > These all are also proposed by NIST spec and > XACML. > > Good point. > > A permission could indeed be temporal or subject to > other bizrules. > > > -- stephane > > ____________________________________________________________________________________ Looking for earth-friendly autos? Browse Top Cars by "Green Rating" at Yahoo! Autos' Green Center. http://autos.yahoo.com/green_center/
