- privileges, a generic model
- group, role and role hierarchies, draft proposal for MACE-wide model and definition
- Are the definitions in the glossary good enough or are their others that are more widely accepted?
- mace documents ( grouper) vs other standards groups
- Are the definitions in the glossary good enough or are their others that are more widely accepted?
- case studies
- group, role and role hierarchies, draft proposal for MACE-wide model and definition
- attribute delivery recipe:
- SAML between IdP & SP
- SPML, XMPP ( grouper) for push provisioning
- LDAP , privilege registry or webservice for pull provisioning
- is there existing mace-dir work to build on?
- generalizing to federated scenarios and VOs
- What is the namespace and object characteristics for privileges
- what are the special problems in namespace choice?
- Fifer using URIs
- What is the namespace and object characteristics for privileges
- authorization and access control
- case studies in production
- rule-based access control
- XACML , DROOLS, others
- policy, a generic model
- P*P architectures: proposed models,
- Application policy, enterprise policy, VO policy
- case studies - bamboo
- P*P architectures: proposed models,
Overview
Content Tools