[WG-UMA] How multiple protections on a resource could work

Paul C. Bryan email at pbryan.net
Thu Feb 4 10:42:23 EST 2010

On Thu, 2010-02-04 at 15:25 +0000, Maciej Machulak wrote:
> Paul,
> Comment with regards to point 2) and 3). Should the host have all
> access management systems listed within a single XRD and rely on
> requester to follow each one (possibly using disparate protocols)? Or
> should the Host reveal an access management system one by one (i.e.
> give the XRD to requester, eventually decision is obtained, give the
> XRD to requester, ...and so forth).

I think this has to be left up to the host, and be largely subject to
the threats and risks associated with providing access to resources.

The host may want hoops it wants requesters to jump-through (e.g. its
own mandatory access control systems) before it will considers the
condition secure enough to even reveal how to obtain discretionary
authorization from the user. Other hosts may simply not care and expose
them all.

> The motivation for this question is related to boolean expressions.

I'm pretty sure that doling-out authorization prerequisites one-by-one
will not achieve the equivalent of logical expressions, especially in
the case of OR.

>  Should those be exposed to the Requester?

I don't think we can prevent multiple protections, but I'm also thinking
there's no strong driver for us to explicitly support it. With the
loose-coupling of resource descriptors, there's a lot of latitude, so I
don't think we're painting ourselves in any corner.

If/when there is a strong case to be made for multiple protections, I
think that's the appropriate time for us to get more rigorous.

> Should the Requester know the logic behind access control decision
> making on the Host side (i.e. which AMs are "more important" than
> others).

I'd say no. Or at least I think it goes too far for us to try to address
such expressions at this time.


> Cheers,
> Maciej
> ________________________________
> From: wg-uma-bounces at kantarainitiative.org
> [wg-uma-bounces at kantarainitiative.org] On Behalf Of Paul C. Bryan
> [email at pbryan.net]
> Sent: 04 February 2010 07:54
> To: WG UMA
> Subject: [WG-UMA] How multiple protections on a resource could work
> Hi UMAians:
> I have addressed my UMA action item 2010-01-28-3 (propose in email how
> multiple protections on a resource could work) in the following page:
> How multiple protections on a resource could
> work<http://kantarainitiative.org/confluence/display/~pbryan/How
> +multiple+protections+on+a+resource+could+work>
> Discussion welcome.
> Paul

More information about the WG-UMA mailing list