-
Key: DDSSEC_-75
-
Status: closed
-
Source: Twin Oaks Computing, Inc. ( Mr. Clark Tucker)
-
Summary:
What happens if no topic_rule (governance) is found for the 'domain+topic' ?
This impacts behavior of: get_endpoint_sec_attributes()
-
Reported: DDS-Security 1.0b1 — Tue, 17 Nov 2015 14:10 GMT
-
Disposition: Resolved — DDS-Security 1.0
-
Disposition Summary:
Extend Governance doc to support default domain rules and explain what happens when no Domain or Topic rule matches
Extend syntax for Domain Rule to accept domain expressions such that we can construct default domain rules.
This can be done extending the content of the <domain_id> element to allow certain expressions (e.g. <domain_id>ALL</domain_id>) or to be ranges (e.g. <domain_id> 0-10 </domain_id>) or lists (e.g. <domain_id> 0,10,20 </domain_id>) or combinations (e.g. (<domain_id> 0-5, 10, 20-40 </domain_id>).
Explain that rules are applied in the same order they appear in the governance document and the first one that matches is "selected"
Explain that if no Domain or Topic rule is found then the operation under consideration should give a "permissions error"
-
Updated: Tue, 12 Jul 2016 14:45 GMT
-
Attachments:
- omg_shared_ca_governance_example_i75.xml 3 kB (application/xml)
- omg_shared_ca_governance_i75.xsd 4 kB (text/xml)
- omg_shared_ca_permissions_example_i72_i75.xml 4 kB (application/xml)
- omg_shared_ca_permissions_i72_i75.xsd 5 kB (text/xml)
DDSSEC_ — In DomainGovernance, what is default behaviour if a domain+topic topic_rule is not found
- Key: DDSSEC_-75
- OMG Task Force: DDS Security 1.0 FTF 2