WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Authorization Framework.

From: "D. Höhn" <dmalloc () users sourceforge net>
Date: Mon, 24 Jan 2005 07:48:41 +0100
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Babu Kopparam wrote:
|
| Hi! Experts,
|
Hello (though I am no expert).
<snip>
| I have proposed RBAC (referring NIST's specification) as the suitable
| solution for Authorization.
|

As you might know RBAC stands for

Role Based Access Control.

There is a fundamental difference between Authorization and
Authentication. What is it that you need to supply? I guess both of
those topics need to be satisfied by your framework ?

- -d


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (Darwin)

iD8DBQFB9JpJPMoaMn4kKR4RA3UrAJ94RZi8p7aB2gttnNdY5uc1Yq/lNgCfeDGt
X8T5KBq3m4c/PCK3pOuadVk=
=Ja92
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: