View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0004469 | 10000-003: Address Space | Spec | public | 2018-11-21 17:11 | 2023-09-05 12:57 |
| Reporter | Randy Armstrong | Assigned To | |||
| Priority | normal | Severity | feature | Reproducibility | always |
| Status | acknowledged | Resolution | open | ||
| Summary | 0004469: Extend the Role Identity Mappings to Support Attribute Based Access Control (ABAC). | ||||
| Description | Attribute based access control uses combinations of attributes to determine access and can be described as more generic version of the identity mapping rules that are already in place. Need to extend the identity mapping model to ABAC use cases. Another alternative, leave it up the vendor to enforce. | ||||
| Tags | sg.Security | ||||
| Commit Version | |||||
| Fix Due Date | |||||
|
|
For example: add a new mapping rule that specifies key=value pairs needed to determine if the the current session has access. The key and value would come from the access token (JWT) and could be any text defined by the system admins. |
|
|
At a minimum add discussion of ABAC to the specification even if left to vendor. |
|
|
Probably just a minor enhancement. Could be added to 1.05. Need volunteer to do the work. |
|
|
This is an alternative to RBAC not an extension. We currently don't think we want to introduce an orthogonal scheme. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2018-11-21 17:11 | Randy Armstrong | New Issue | |
| 2018-11-21 17:14 | Randy Armstrong | Note Added: 0009626 | |
| 2018-11-21 17:17 | Randy Armstrong | Note Added: 0009627 | |
| 2018-12-04 17:04 | Jim Luth | Note Added: 0009668 | |
| 2018-12-04 17:04 | Jim Luth | Assigned To | => Jim Luth |
| 2018-12-04 17:04 | Jim Luth | Status | new => acknowledged |
| 2020-05-27 16:12 | Jim Luth | Assigned To | Jim Luth => |
| 2022-11-22 17:55 | Jim Luth | Note Added: 0018184 | |
| 2023-09-05 12:57 | Jim Luth | Tag Attached: sg.Security |
