View Issue Details

IDProjectCategoryView StatusLast Update
000446910000-003: Address SpaceSpecpublic2023-09-05 12:57
ReporterRandy Armstrong Assigned To 
PrioritynormalSeverityfeatureReproducibilityalways
Status acknowledgedResolutionopen 
Summary0004469: Extend the Role Identity Mappings to Support Attribute Based Access Control (ABAC).
Description

Attribute based access control uses combinations of attributes to determine access and can be described as more generic version of the identity mapping rules that are already in place.

Need to extend the identity mapping model to ABAC use cases.

Another alternative, leave it up the vendor to enforce.

Tagssg.Security
Commit Version
Fix Due Date

Activities

Randy Armstrong

2018-11-21 17:14

administrator   ~0009626

For example: add a new mapping rule that specifies key=value pairs needed to determine if the the current session has access. The key and value would come from the access token (JWT) and could be any text defined by the system admins.

Randy Armstrong

2018-11-21 17:17

administrator   ~0009627

At a minimum add discussion of ABAC to the specification even if left to vendor.

Jim Luth

2018-12-04 17:04

administrator   ~0009668

Probably just a minor enhancement. Could be added to 1.05. Need volunteer to do the work.

Jim Luth

2022-11-22 17:55

administrator   ~0018184

This is an alternative to RBAC not an extension. We currently don't think we want to introduce an orthogonal scheme.

Issue History

Date Modified Username Field Change
2018-11-21 17:11 Randy Armstrong New Issue
2018-11-21 17:14 Randy Armstrong Note Added: 0009626
2018-11-21 17:17 Randy Armstrong Note Added: 0009627
2018-12-04 17:04 Jim Luth Note Added: 0009668
2018-12-04 17:04 Jim Luth Assigned To => Jim Luth
2018-12-04 17:04 Jim Luth Status new => acknowledged
2020-05-27 16:12 Jim Luth Assigned To Jim Luth =>
2022-11-22 17:55 Jim Luth Note Added: 0018184
2023-09-05 12:57 Jim Luth Tag Attached: sg.Security