Security Service Avatar
  1. OMG Specification

Security Service — Closed Issues

  • Acronym: SEC
  • Issues Count: 7
  • Description: Issues resolved by a task force and approved by Board
Open Closed All
Issues resolved by a task force and approved by Board

Issues Summary

Key Issue Reported Fixed Disposition Status
SEC15-2 get_security_names SEC 1.4 SEC 1.5 Resolved closed
SEC15-1 PrincipalAuthenticator and Current SEC 1.4 SEC 1.5 Resolved closed
SEC15-7 Table 15-25 Attribute Values lists family 0 attributes as family 1 SEC 1.4 SEC 1.5 Resolved closed
SEC15-6 SecurityAdmin::DomainAccessPolicy::grant_rights takes SecAttribute SEC 1.4 SEC 1.5 Resolved closed
SEC15-5 Table description incorrect in Security Service SEC 1.4 SEC 1.5 Resolved closed
SEC15-4 SecurityLevel2::Current policy factory operation SEC 1.4 SEC 1.5 Resolved closed
SEC15-3 Typo in 15.7.1.1, p.15-145, very last bullet: SEC 1.4 SEC 1.5 Resolved closed

Issues Descriptions

get_security_names

  • Key: SEC15-2
  • Legacy Issue Number: 2094
  • Status: closed  
  • Source: Anonymous
  • Summary:

    Summary: e have a SecurityMechandNameList get_security_names(in Object objref);
    on SecurityLevel2::Current.

    Since we have this capability, we should have a similar way of getting the
    mechanisms and options.

    Unfortunately, Security::MechandOptions struct only contains options
    supported and does not have options required. The only place it is used is
    for Vault::get_supported_mechs();

    We should probably have another structure to handle the mechs on the
    object reference. We will call this the mechanism data as not to confuse
    it with MechandOptions struct.
  • Reported: SEC 1.4 — Fri, 16 Oct 1998 04:00 GMT
  • Disposition: Resolved — SEC 1.5
  • Disposition Summary:

    :Current.
  • Updated: Fri, 6 Mar 2015 20:58 GMT

PrincipalAuthenticator and Current

  • Key: SEC15-1
  • Legacy Issue Number: 2027
  • Status: closed  
  • Source: Anonymous
  • Summary:

    Summary: I have a problem discovering the semantics of using
    Current.set_credentials(SecInvocationCredentials) as opposed to using an
    InvocationCredentials Policy object on Current, or the target object
    reference.

    I believe we should deprecate set_credentials and get_credentials infavor
    of InvocationCredentials and NonRepudiationCredentials Policy Objects.
    This mechanism seems more in line with the the way we seem to be
    traveling. So it will be consistent with the client invocation policy
    model.

    Or. we should put an explicit statement ordering the retrieval of
    credentials at object reference creation.

    1. InvocationCredentailsPolicy object off of Target object reference.
    2. InvocationCredentialsPolicy object from the Current.
    3. Current.get_credentials()
  • Reported: SEC 1.4 — Fri, 2 Oct 1998 04:00 GMT
  • Disposition: Resolved — SEC 1.5
  • Disposition Summary:

    Close issue 2027: Principal Authenticator and Current
  • Updated: Fri, 6 Mar 2015 20:58 GMT

Table 15-25 Attribute Values lists family 0 attributes as family 1

  • Key: SEC15-7
  • Legacy Issue Number: 2199
  • Status: closed  
  • Source: Anonymous
  • Summary:

    Summary: I think its a formatting problem rather than a type-o. The "Privilege
    Attribute (family = 1)" heading looks like it was automagically copied
    to the first row of the table when the table cross a page break.
  • Reported: SEC 1.4 — Fri, 6 Nov 1998 05:00 GMT
  • Disposition: Resolved — SEC 1.5
  • Disposition Summary:

    Close issue 2199. Table 15-25 Attribute Values lists family
  • Updated: Fri, 6 Mar 2015 20:58 GMT

SecurityAdmin::DomainAccessPolicy::grant_rights takes SecAttribute

  • Key: SEC15-6
  • Legacy Issue Number: 2170
  • Status: closed  
  • Source: Anonymous
  • Summary:

    Summary: On p. 15-140 of security/98-10-01, the description of grant_rights
    says the first parameter is Attribute. The first parameter should be
    SecAttribute.
  • Reported: SEC 1.4 — Thu, 5 Nov 1998 05:00 GMT
  • Disposition: Resolved — SEC 1.5
  • Disposition Summary:

    Close issue 2170.
  • Updated: Fri, 6 Mar 2015 20:58 GMT

Table description incorrect in Security Service

  • Key: SEC15-5
  • Legacy Issue Number: 2169
  • Status: closed  
  • Source: Anonymous
  • Summary:

    Summary: Table 15-7 has the title "Domain Access Policy (with Required Rights
    Mapping)". The "(with Required Rights Mapping)" part should be
    removed since it doesn"t include the required rights.
  • Reported: SEC 1.4 — Thu, 5 Nov 1998 05:00 GMT
  • Disposition: Resolved — SEC 1.5
  • Disposition Summary:

    Close issue 2169. Table description incorrect
  • Updated: Fri, 6 Mar 2015 20:58 GMT

SecurityLevel2::Current policy factory operation

  • Key: SEC15-4
  • Legacy Issue Number: 2161
  • Status: closed  
  • Source: Anonymous
  • Summary:

    Summary:
    The Policy factory operations in SecurityLevel2::Current should be
    deprecated and the ORB::create_policy operation should be used for
    creating QOPPolicy, MechanismsPolicy, InvocationCredentialsPolicy
    instead.
  • Reported: SEC 1.4 — Tue, 3 Nov 1998 05:00 GMT
  • Disposition: Resolved — SEC 1.5
  • Disposition Summary:

    :Current should be
  • Updated: Fri, 6 Mar 2015 20:58 GMT

Typo in 15.7.1.1, p.15-145, very last bullet:

  • Key: SEC15-3
  • Legacy Issue Number: 2122
  • Status: closed  
  • Source: Anonymous
  • Summary:

    Summary: In 15.7.1.1, p.15-145, very last bullet:
    SecureInvocationPolicy::get_delegation_mode should be
    DelegationPolicy::get_delegation_mode.
  • Reported: SEC 1.4 — Tue, 27 Oct 1998 05:00 GMT
  • Disposition: Resolved — SEC 1.5
  • Disposition Summary:

    :get_delegation_mode should be
  • Updated: Fri, 6 Mar 2015 20:58 GMT