Hi Scott, I think both the set of roles a user is able to assume and the set of polices a role can assert should follow the same PIP\PDP\PAP model.
The PDP needs a set of information to compile the list of roles and the set of polices for each role. That information comes from either a local PIP or as claims from remote PIP which the PDP trusts. The PDP can be aggregating information here from different PIPs e.g. multiple PIP can assert different policies belong to a role. Equally under the same model I would expect the PAP to publish policy about other aspects of its policies such as who can use a policy or what the policy can be applied to, which the PDP would enforce. The model is trying to ensure clean separation of responsibilities, information points publish "factual" information, policy comes from policy authorities and decisions and made by decision makes based on the policy and information presented. Trevor -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Jim Schaad Sent: Friday, August 05, 2011 10:54 PM To: 'Fitch, Scott C'; [email protected] Subject: Re: [plasma] PEP Bootstrapping > -----Original Message----- > From: [email protected] [mailto:[email protected]] On > Behalf Of Fitch, Scott C > Sent: Thursday, August 04, 2011 1:57 PM > To: [email protected] > Subject: [plasma] PEP Bootstrapping > > I understand the importance of "bootstrapping" the Content Creation PEP. > However, I'm not sure it's appropriate for the PDP to tell it its > roles as outlined in v02. It seems to me that role (and other related > information about the author) would come from the PIP and be delivered > to the PDP as part of the initial bootstrap and authentication > process. At that point, the > PDP could reply with the set of policies available to the user. The model is operating under the impression that the "roles" an entity can assume is based not on configuration, but on application of policy information. This means that it is not a configured property, which would make it appropriate for a PIP but is computed based on the properties obtained from the PIP and the policy configuration in the PDP. Does this make sense? Is there something we can do to make this more clear? > > Retrieving the list of policies is itself essentially another access control > decision (i.e., what types of data is this user allowed to publish?). > So it seems > to make sense to follow the PEP/PIP/PDP model in this interaction too. > It also > allows for more flexibility in determining what policies to assign to > the user, > beyond just Role-based access control decisions. > I believe this is what the document currently says. Do you see a need for changes here? Jim > > Scott Fitch > Cyber Architect > Lockheed Martin Enterprise Business Services > > > _______________________________________________ > plasma mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/plasma _______________________________________________ plasma mailing list [email protected] https://www.ietf.org/mailman/listinfo/plasma _______________________________________________ plasma mailing list [email protected] https://www.ietf.org/mailman/listinfo/plasma
