### Motivation & problem statement

The access service is not used by any other services. The Python engine
(MesaPy) it uses is not maintained any more. Teaclave is moving towards
Confidential VM and the ported services should be determined.

### Proposed solution

I reviewed all the access control code in the management and frontend services
and found that most of the access control patterns are attribute-based, like
checking the user ID against the owner ID of the object, e.g., task, file and
function. Three years ago, someone suggested using
[casbin-rs](https://github.com/casbin/casbin-rs) as the engine in #265. Casbin
is powerful and supports ABAC. We can use it to do most of the access control.
For more complicated access control, we can keep the enforcer hard-coded as it
is now.

Please feel free to comment, thanks.

@mssun @uraj 


-- 
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/700
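
The owner-ID check described in the issue above, as an added example that is not part of the original message and is neither Teaclave's code nor the casbin-rs API: a deny-by-default check over a Casbin-style (sub, obj, act) request. All type and field names, the multi-owner set and the public-function rule are assumptions made for illustration.

```rust
// Added example: hypothetical names, not Teaclave's or casbin-rs's API.
use std::collections::HashSet;

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Kind { Task, File, Function }

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Action { Read, Update, Delete }

/// Attributes of the object a request targets.
pub struct Object {
    pub kind: Kind,
    pub owners: HashSet<String>, // assumption: an object may have several owners
    pub public: bool,            // assumption: e.g. a function shared with everyone
}

/// Request tuple in the (sub, obj, act) shape an ABAC matcher evaluates.
pub struct Request<'a> {
    pub sub: &'a str,
    pub obj: &'a Object,
    pub act: Action,
}

/// Deny by default; allow only when an attribute rule matches.
pub fn enforce(r: &Request) -> bool {
    if r.sub.is_empty() {
        return false; // a missing user ID never matches any rule
    }
    // Rule 1: the subject is one of the object's owners (any action).
    if r.obj.owners.contains(r.sub) {
        return true;
    }
    // Rule 2 (assumed): public functions are readable by any authenticated user.
    r.obj.kind == Kind::Function && r.obj.public && r.act == Action::Read
}

/// Builds a constructed sample object for the demo below.
pub fn obj(kind: Kind, owners: &[&str], public: bool) -> Object {
    Object { kind, owners: owners.iter().map(|s| s.to_string()).collect(), public }
}

fn main() {
    let task = obj(Kind::Task, &["alice"], false);
    let func = obj(Kind::Function, &["bob"], true);
    println!("{}", enforce(&Request { sub: "alice", obj: &task, act: Action::Update }));
    println!("{}", enforce(&Request { sub: "mallory", obj: &func, act: Action::Delete }));
}
```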