
SEC17 — Public Attribute extraneous and inefficient

  • Key: SEC17-2
  • Legacy Issue Number: 2800
  • Status: closed  
  • Source: Anonymous
  • Summary:

    The Public attribute is said to exist for the mere purpose of having at
    least one credentials object with at least one attribute, if no user has
    authenticated. (It is entirely debatable whether a credentials object
    should exist at all if a principal does not authenticate.) It appears the
    only purpose for this public attribute, which is said to exist in every
    Credentials instance regardless of authentication, is to be able to
    "grant" rights to EVERY principal in a Domain Access Policy.

    Access Policies (AP), as opposed to Domain Access Policies (DAP) (which
    are an extension of AP), do not have to follow the "grant/revoke/replace"
    scheme of DAP.

    Therefore, the Public attribute permeates the entire system just to
    support an optional Domain Access Policy. In fact, most access
    decisions will ignore the Public attribute if access is based on other
    attributes. This situation reveals unnecessary copying of data and checking
    for it. Therefore the public attribute is extraneous and causes
    inefficiencies.

    A better solution would be to confine the problem of "granting" rights
    (which is in DAP only) to every principal in a "domain" to the Domain
    Access Policy interface itself, such as an operation of "void
    set_base_rights(RightsList rights);" and not permeate the entire system
    with a useless attribute. And of course, eliminate the Public Security
    Attribute altogether, and all references to it.

  • Reported: SEC 1.6 — Mon, 12 Jul 1999 04:00 GMT
  • Disposition: Resolved — SEC 1.7
  • Disposition Summary:

    Close Issue 2800 _Public

  • Updated: Fri, 6 Mar 2015 20:58 GMT
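
The two designs contrasted in the issue, as an added illustration that is not part of the issue text or of the OMG specification. It is a simplified model: the class names, the tuple form of the attributes and the sample rights `get`/`set` are assumptions; only the operation name `set_base_rights` comes from the issue.

```python
# Simplified, constructed model of the two designs; not the CORBA Security API.
PUBLIC = ("Public", "")  # attribute carried by every Credentials object today


class PublicAttributePolicy:
    """Current design: rights for everyone are granted to the Public attribute."""

    def __init__(self):
        self.grants = {}  # security attribute -> set of rights

    def grant_rights(self, attribute, rights):
        self.grants.setdefault(attribute, set()).update(rights)

    def get_effective_rights(self, attributes):
        # Only yields the common rights if the credentials carry PUBLIC.
        effective = set()
        for attribute in attributes:
            effective |= self.grants.get(attribute, set())
        return effective


class BaseRightsPolicy(PublicAttributePolicy):
    """Proposed design: the policy itself holds the rights common to all principals."""

    def __init__(self):
        super().__init__()
        self.base_rights = set()

    def set_base_rights(self, rights):  # operation named in the issue
        self.base_rights = set(rights)

    def get_effective_rights(self, attributes):
        # Common rights come from the policy, not from a credential attribute.
        return self.base_rights | super().get_effective_rights(attributes)


def build_policies():
    """Configure both designs with the same intent (sample rights 'get'/'set')."""
    alice = ("AccessId", "alice")  # constructed sample attribute
    current, proposed = PublicAttributePolicy(), BaseRightsPolicy()
    current.grant_rights(PUBLIC, {"get"})
    proposed.set_base_rights({"get"})
    for policy in (current, proposed):
        policy.grant_rights(alice, {"set"})
    return current, proposed, alice
```

In the proposed design an unauthenticated principal presents an empty attribute list and still receives the common rights, so no credentials object has to carry a placeholder attribute.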