[INFOD-WG] FW: Your INFOD comment

Ronny Fehling ronny.fehling at oracle.com
Wed Nov 8 19:42:54 CST 2006 

I don't know if I sent this out to the infod group. This is in relation to the comment that Sam sent out.

-----Original Message-----
From: Sam Rehman [mailto:samuelson.rehman at oracle.com] 
Sent: Thursday, October 12, 2006 10:49 AM
To: Ronny Fehling
Cc: Dieter Gawlick
Subject: Re: Your INFOD comment

Hi Ronny,

Yes, like a "view" on top of your vocabulary. So if the original vocab is:
- Name
- Address
- Email
- SSN
- Keyid

You would want application that needs to display just the basic contact
to see this:
- Name
- Address
The others should be nulled or not present (depends on your preference
in semantics).

And another that has higher access, should see for example, Name,
Address, SSN,
but he might have no need for the rest and hence might still not see them.
Depending on the ACL.

This could be done by creating multiple subscriptions for each "role".
How ever, if you look at the "messy" web services world, you know this
is not practical.

I don't know if I'm making any sense - please let me know. I do plan to
join the Nov 2
call.

Just my 2 cents - which comes to 0.001 after tax :)

-- Sam
Ronny Fehling wrote:

> Sam,
>
> Thanks for your comments on the INFOD document. One of your comments
> was regarding fine grain security:
>
>- What about fine grain security. We have similar environment where we need to provide "vocabulary" level security. For
>
>example, a "visibility" mask based on your access control would define how others would really see your publication and
>
>who can subscribe to it. This is important to us if we were to use this beyond a company's four walls.
>
> We are not completely clear what you mean with this. I understand the
> access rights on publication and subscription and we think this is
> managed through the mutual filtering (i.e.: one of the constraints of
> the publisher could be: "consumer has to be authenticated by third
> party app FINEGRAINSEC to access data".). But are you proposing a
> deeper going level security on vocabulary? How would that look like
> and what are the requirements that you received on that?
>
> Thanks so much,
>
> Ronny Fehling
> Solutions Architect Manager
> Oracle Technical Business Unit
> Tel/Fax: +1 514 905-8633
> Mobile: +1 514 880-8633
> ronny.fehling at oracle.com <mailto:ronny.fehling at oracle.com>
> *www.oracle.com* <http://www.oracle.com/>
> ***View my Calendar*
> <https://stcollabsuite.oracle.com:443/global-bin/ocas.fcgi?sub=web&web=gbl&viw=%2bROsIjweGVHox20Baz%2fLcQdIwPe16MbYt8WuC5aSVlg%3d&xen=TWs6aNkOJocZso37NYS5WQ%3d%3d&server=tbtzPzHLjyw%3d&ver=2>****
>

More information about the infod-wg mailing list