-
Key: DDSSEC_-36
-
Legacy Issue Number: 19812
-
Status: closed
-
Source: ZettaScale Technology ( Mr. Julien Enoch)
-
Summary:
The §8.4.2.7.23 doesn't describe the parameters of the get_endpoint_sec_attributes operation.
Moreover, in Table 18, only a PermissionHandle is specified as in parameter for this operation. As specified in §8.4.2.4 the PermissionHandle is associated to a DomainParticipant.
But, according to §8.4.2.7.23, the get_endpoint_sec_attributes operation shall return the information related to the endpoint (DDS DataReader or DDS DataWriter). Thus, this operation miss some parameter(s) to indicate this endpoint.
-
Reported: DDS-Security 1.0b1 — Thu, 25 Jun 2015 04:00 GMT
-
Disposition: Resolved — DDS-Security 1.0
-
Disposition Summary:
Split get_endpoint_sec_attributes() into two: get_reader_sec_attributes() and get_writer_sec_attributes() also add parameters for Topic, partitions, and DataTags
The get_endpoint_sec_attributes() needs additional information to determine the name of the Topic, the Partitions, and the DataTags. The Topic name is already needed to implement the logic of the builtin plugins. The others are expected to be needed for future standard plugins or those implemented by vendors or users.
Likewise the get_endpoint_sec_attributes() needs to distinguish whether the Endpoint is a DataReader or DataWriter. One of the suggested approaches to this was to split it into two methods: get_reader_sec_attributes() and get_writer_sec_attributes(). This seems the cleanest and it is aligned with other plugin operations which already have separate methods for datareaders and datawriters.
This change impacts Table 18 (AccessControl Interface). It renames get_endpoint_sec_attributes to get_datarwriter_sec_attributes and adds a row for get_datareader_sec_attributes
It renames 8.4.2.7.23 (Operation: get_endpoint_sec_attributes) to Operation: get_datarwriter_sec_attributes
It adds 8.4.2.7.24 Operation: get_datareader_sec_attributes
It modifies the rest of the document replacing get_endpoint_sec_attributes with either get_datarwriter_sec_attributes or get_datareader_sec_attributes. Also clarifies better the use of these operations.
-
Updated: Tue, 12 Jul 2016 14:45 GMT
-
Attachments:
- Figure11_AccessControl.emf 93 kB ()
- Figure24_DDSSecurity-LocalParticipantAccess.emf 93 kB ()
DDSSEC_ — Parameters of get_endpoint_sec_attributes
- Key: DDSSEC_-36
- OMG Task Force: DDS Security 1.0 FTF 2