
Re: architecture and security



On Thu, Apr 13, 2006 at 09:27:33AM -0700, Andy Bierman wrote:
 
> I also want to point out that nobody is asking for instance granularity
> within a row.  People have asked for "user A can look at all instances
> of the foo object" or "user B can look at all the data in row X of
> the interfaces table".  This is very different than VACM (and much
> simpler/better IMO), where the columns in an individual row can have
> different access control rights for every user.

Still, the hard problem is references to things under access control.
Some boxes maintain fault history tables that may refer to
interfaces (or to physical ports that are related to interfaces). How
will the access control model deal with such cases?

Of course, fault history data is not config data so you can take the
formal position that this example is out of scope for netconf access
control. But I think the question of how to deal with references will
remain and this is especially nasty if references are embedded into
identifiers.

Note that I am not asking for a complex solution - I just believe we
should be very clear what an access control model can do and what not.

/js

-- 
Juergen Schoenwaelder		    International University Bremen
<http://www.eecs.iu-bremen.de/>	    P.O. Box 750 561, 28725 Bremen, Germany
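The reference problem raised in the message above, as an added illustration that is not part of the thread and not code from any NETCONF implementation. It assumes a toy model in which users are granted read access to whole rows of an "interfaces" table (the row-level granularity the quoted text asks for), while a separate fault-history table is not itself under access control but each entry refers to an interface, either through an explicit field or through a name embedded in the entry identifier. All table contents, user names and the identifier pattern are constructed for the example.

```python
import re

# Constructed sample data (not from the thread): two fault entries carry an
# explicit 'interface' field, one carries the reference only in its id.
FAULT_HISTORY = [
    {"id": "fault-1", "interface": "eth0", "msg": "link down"},
    {"id": "eth1-fault-2", "msg": "crc errors"},          # reference only in the id
    {"id": "fault-3", "interface": "eth1", "msg": "link flap"},
]

# Row-level grants: user -> set of interface rows the user may read.
GRANTS = {"userA": {"eth0", "eth1"}, "userB": {"eth0"}}

# Assumed identifier convention: '<interface>-fault-<n>'.
ID_REF = re.compile(r"^(?P<iface>[a-z]+\d+)-fault-\d+$")


def referenced_interface(entry):
    """Return the interface a fault entry refers to, or None if none can
    be resolved. The explicit field wins; otherwise the id is parsed."""
    if "interface" in entry:
        return entry["interface"]
    m = ID_REF.match(entry["id"])
    return m.group("iface") if m else None


def naive_visible_faults(user, faults=FAULT_HISTORY, grants=GRANTS):
    """Filter that honours only the explicit 'interface' field.

    Entries whose reference is embedded in the identifier are passed
    through unchecked, so a user without access to eth1 still learns
    that eth1 exists and has faults: the leak the message warns about."""
    allowed = grants.get(user, set())
    return [e["id"] for e in faults
            if "interface" not in e or e["interface"] in allowed]


def visible_faults(user, faults=FAULT_HISTORY, grants=GRANTS):
    """Filter that resolves every reference, explicit or embedded, and
    fails closed: an entry is shown only when its referenced interface
    is both resolvable and granted to the user."""
    allowed = grants.get(user, set())
    result = []
    for e in faults:
        ref = referenced_interface(e)
        if ref is not None and ref in allowed:
            result.append(e["id"])
    return result


if __name__ == "__main__":
    for user in ("userA", "userB", "nobody"):
        print(user, "naive:", naive_visible_faults(user),
              "resolved:", visible_faults(user))
```

The difference between the two filters is the whole point: once a reference is part of the identifier, the access control model has to know the identifier's structure to enforce the row-level grant, and a model that only sees the explicit field cannot make the right decision.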
