Changes between Version 2 and Version 3 of FeatureRequests/SecurityFeatures


Ignore:
Timestamp:
04.08.2011 00:29:45 (13 years ago)
Author:
JuergeN
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • FeatureRequests/SecurityFeatures

    v2 v3  
    11== Implement User, Role, ACL, Security Concept == 
    22 
    3 {{{ 
    4 DeepaMehta needs an enhaced permission control system. 
    5 }}} 
     3 
     4DeepaMehta needs an enhaced permission control system (PCS). Security needs to be implemented at the server back end and all access must be authenticated, e.g. through tokens. The client-server communication should be secured by TLS/SSL. For the special needs in the context of DeepaMehta we cannot apply strict ACL or OCL lists. Due to the nature of DeepMehta a combined ACL and OCL approach in regard of the workspaces must be implemented into the PCS.  
    65 
    76=== User Concept === 
    87 
    98Every operation in DeepaMehta should be done by an identified user. Users (and groups) should be handled through UID (and GID) 
    10  
    119 
    1210{{{ 
     
    5553Roles should be assined to users and groups. 
    5654 
    57  
    5855=== Attributes === 
    5956Every object should have a set of inherent attributes ( which may be properties or associations), e.g.