[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Issue 9.3) Authorization Control Model

To: netconf@ops.ietf.org
Subject: Issue 9.3) Authorization Control Model
From: Andy Bierman <abierman@cisco.com>
Date: Tue, 02 Dec 2003 16:10:30 -0800

9.3.1) Authorization control for protocol operation based access

9.3.2) Authorization control for High-level RPC calls

  - Treat as separate low-level data elements:
    If user is permitted to call add_bgp_neighbor then it 
    doesn't matter if underlying data model elements are 
    accessible by that user. Leave as an administrative issue.
       OR:
  - Device must make sure user is permitted to access every 
    underlying data model element used by a high level 
    function.  This may be difficult to enforce.


--
to unsubscribe send a message to netconf-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/netconf/>

Prev by Date: Issue 9.2) <steal-lock>
Next by Date: Issue 9.4) Partial locks
Previous by thread: Issue 9.2) <steal-lock>
Next by thread: Issue 9.4) Partial locks
Index(es):
- Date
- Thread