Changes between Version 2 and Version 3 of FeatureRequests/SecurityFeatures
- Timestamp:
- 04.08.2011 00:29:45 (13 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
FeatureRequests/SecurityFeatures
v2 v3 1 1 == Implement User, Role, ACL, Security Concept == 2 2 3 {{{ 4 DeepaMehta needs an enhaced permission control system. 5 }}} 3 4 DeepaMehta needs an enhaced permission control system (PCS). Security needs to be implemented at the server back end and all access must be authenticated, e.g. through tokens. The client-server communication should be secured by TLS/SSL. For the special needs in the context of DeepaMehta we cannot apply strict ACL or OCL lists. Due to the nature of DeepMehta a combined ACL and OCL approach in regard of the workspaces must be implemented into the PCS. 6 5 7 6 === User Concept === 8 7 9 8 Every operation in DeepaMehta should be done by an identified user. Users (and groups) should be handled through UID (and GID) 10 11 9 12 10 {{{ … … 55 53 Roles should be assined to users and groups. 56 54 57 58 55 === Attributes === 59 56 Every object should have a set of inherent attributes ( which may be properties or associations), e.g.