Hi Matthias > Just a quick remark to Asger's email: in my opinion, policies > and licenses are very different things.
I would agree with this. Licences represent agreements, and usually have some human-readable manifestation. Access control policies represent a machine-readable interpretation of the licence. > I even have my doubts > if I would like to see policies (which will change over time) > as something I want to store in a repository at all. Changing > a policy doesn't change the object itself, whereas a license > associated with an object is a much tighter and stable > relationship (think of an OA license with an embargo - the > policy changes after the embargo ends, the license is still valid). How transient the policy is depends on the implementation I think - for instance in the embargo example it should be possible to include the date criteria in (for instance) the XACML, so that the policy wouldn't change. In some cases policies could be very transient(eg access control based on some non-standard, local, LDAP attributes) or less transient (eg based on some longer-lifetime standard for user attributes, eg Shibboleth). > Storing policies in Fedora > probably requires a cache for faster access, which further > complicates things. This is an issue that is recognised; currently FeSL has DBXML for faster access, alternatives to this in the future will need looking into. I think it's a similar situation to the resource index, which represents a "cache for faster access" of RELS relationships (indexing of Fedora resources in general, whether for "basic search", gsearch, is also analogous I feel). Even if policies are stored outside of Fedora objects, this cache would still be required. Regards Steve ------------------------------------------------------------------------------ SOLARIS 10 is the OS for Data Centers - provides features such as DTrace, Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW http://p.sf.net/sfu/solaris-dev2dev _______________________________________________ Fedora-commons-developers mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fedora-commons-developers
