[INFOD-WG] Minutes from the INFOD conference call on Monday, January 28, 2008
Raghul Gunasekaran
rgunasek at utk.edu
Tue Jan 29 11:37:40 CST 2008
Minutes from the INFOD conference call on Monday, January 28, 2008 @ 4
pm EDT:
Participants: Aravind, Akos, Andras, Dieter, Ming, Raghul
Apologies: Arjun
Discussions:
* *INFOD Security policies*
o Current draft addresses RBAC accommodating both user
privileges and access policies for resources.
+ Do we need to separate it ? Since this combination
does not necessarily determine how policies would be
enforced at runtime (during matching)
+ If separated, then information might be redundant -
located at the both the role description and access
description of entities.
o Defining roles on a resource identified as a target doesn't
exactly reflect RBAC.
o Having a separate security constraint was considered. Would
need to modify the current spec to accommodate it; current
INFOD spec needs to accommodate admin as a user or entity to
create security policies; an admin interface in INFOD for
create/replace/drop of security policies which a user will
not have access to.
o Using XPath for security constraints. Identify INFOD
entities as resource type instead of using for clause - XQuery
o Matching or run time evaluation of constraints is being
considered on how to accommodate security policies.
o Shall address the above issues and alter the current draft
for next Mondays call.
* *Action items*:
o No discussion.
* *OGF 22 **
*
o Tuesday Feb 26 - open session on INFOD progress.
o Feb 27-28 - F2F meeting organized by Oracle at Nashua.
o Mid 2008 - a F2F meeting in Nashville or ORNL (tentative).
The next conference call will be on Monday, February 4 @ 4 pm EST.
Regards
Raghul
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.ogf.org/pipermail/infod-wg/attachments/20080129/e0936d8f/attachment.html
More information about the infod-wg
mailing list