Kevin Minder created KNOX-13:
--------------------------------
Summary: Research/define authentication model
Key: KNOX-13
URL: https://issues.apache.org/jira/browse/KNOX-13
Project: Apache Knox
Issue Type: Bug
Reporter: Kevin Minder
Assignee: Kevin Minder
1. Define a layered authorization policy from the perimeter as high level
network access to services and how that layers on top of the finer grained ACLs
at the services
2. Exactly what needs to be encoded in the access token - or available by
resolving it to some context - in order to fulfill the policy enforcement needs
inside the cluster
3. Where ABAC server integrations will occur - I imagine another layered
approach here: static attributes at the gateway, more dynamic at or near
enforcement time and service specific attributes at the service perimeter
4. Common access policy done across all services - ABAC is probably a good way
to introduce something new without stepping on toes
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
