resent On 11/8/15, 11:53, "Zhang, Edward (GDI Hadoop)" <[email protected]> wrote:
>For UC1 ³allow user to only access some particular data², it is a good >business use case. Technically we should be aware of that each policy will >be evaluated once for each event or each window of events. >So, for a particular user, we can¹t define 2 or more such whitelist policy >as today each policy is independently evaluated. > >For UC2 why not just delete original policy? It looks it introduce another >complexity of policy priority. You would like the new whitelist policy to >override original policy. We should discuss. > >Thanks >Edward Zhang > >On 11/8/15, 9:11, "Manoharan, Arun" <[email protected]> wrote: > >>Hi Folks, >> >>There is a need for a whitelist feature in Eagle. >> >>Current Feature: >>Today most of the policies are set based on ³If any user access abc.dat >>data 10 times send an alert². >> >>UC1: >>In case of a whitelist you can say ³Allow user Arun to only access >>particular data sets like abc.data² If anything else send an alert. >> >>UC2: >>You can white list a user to say this user ³Y² can access abc.dat more >>than 10 times. This should not trigger an alert which was originally put >>in place based on [current feature]. >> >>I would like to start the discussion on this feature. >> >>Thanks, >>Arun
