Changes between Version 156 and Version 157 of Internal/Rbac/OrbitRbacDesign


Ignore:
Timestamp:
Sep 21, 2006, 8:52:26 PM (18 years ago)
Author:
hedinger
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Internal/Rbac/OrbitRbacDesign

    v156 v157  
    1212Other design issues and decisions are discussed on the [wiki:Internal/Rbac/OrbitRbacDesign/ThreatAnalysis ORBIT Design Goals and Threats] page.  Primary among them is the choice of dynamic separation of duty.
    1313
    14 The [wiki:Internal/Rbac/OrbitRbacDesign/NistRbacSoftware NIST RBAC Software], [wiki:Internal/Rbac/OrbitRbacDesign/SolarisRbac Solaris RBAC Software], [wiki:Internal/Rbac/OrbitRbacDesign/OasisRbac OASIS RBAC], and [wiki:Internal/Rbac/OrbitRbacDesign/xoRbac xoRBAC] pages cover the four major implementation choices that were identified during [wiki:Internal/Rbac/OrbitRbacDesign/ImplementationResearch Research for Implementation].  The NIST RBAC software was chosen as a starting point for the implementation of ORBIT RBAC support because it is web-oriented, has a server-pull architecture, supports dynamic separation of duty, is Unix-based, and is most likely to be reliable and maintainable.
     14The [wiki:Internal/Rbac/OrbitRbacDesign/NistRbacSoftware NIST RBAC Software], [wiki:Internal/Rbac/OrbitRbacDesign/SolarisRbac Solaris RBAC Software], [wiki:Internal/Rbac/OrbitRbacDesign/OasisRbac OASIS RBAC], and [wiki:Internal/Rbac/OrbitRbacDesign/xoRbac xoRBAC] pages cover the four major implementation choices that were identified during [wiki:Internal/Rbac/OrbitRbacDesign/ImplementationResearch Research for Implementation].  The NIST RBAC software was chosen as a starting point for the implementation of ORBIT RBAC support because it is web-oriented, has a server-pull architecture, supports dynamic separation of duty, is Unix-based, and is most likely to be reliable and maintainable.  It also should be fairly efficient as it is written in C and Perl with one Java module.
    1515
    1616The [wiki:Internal/Rbac/OrbitRbacDesign/AuditingTools Logging and Auditing] and [wiki:Internal/Rbac/OrbitRbacDesign/ConsistencyChecking Consistency Checking] pages cover design and implementation issues related to logging, auditing and role-assignment consistency checking tools.