[anonsec] BYPASS OR PROTECT
kent at bbn.com
Fri Apr 6 14:12:51 PDT 2007
At 10:46 AM -0500 4/5/07, Nicolas Williams wrote:
>> I see what you mean, and I appreciate the generality, but I do worry
>> about creating a sophisticated access control capability that will
>> induce management errors.
>Me too. But how can we ignore the "where" in the SPD to insert
>API-driven rules? Do you believe that your "inviolable" flag would
>allow us to ignore SPD order for such rules?
I had a very simple model in mind, which might be too simplistic, but
let me state it anyway.
For what I believe is the common case of user vs. supervisor, we
would need to mark rules as "U" or "S." When a newly proposed "U"
rule is to be inserted, we invoke an algorithmic check to determine
whether it would affect any "S" rule. If so, then the attempt to
insert the "U" rule is rejected. In this model one does not need to
define points where "U" rules could be inserted.
More information about the ANONSEC