Michael Bell wrote:
I attached some changed images because there was a design flaw included. After every step it must be possible to write a log-entry, but after the IDENT step it is senseless to write a log if the result is the role of the user. So the result must be the user itself and the role mapping must be part of the ACL step.

karthikeyan kk wrote:
I want to discuss issues concerning the rbac facility in OpenCA. I am going through the articles on PMI and X509 privilege management system. Could you guide me on book references, if any, on the subject and the issues specific to the OpenCA project for rbac. And could I have your personal mail ID, pls.

I attached some pictures to illustrate the plans for the access control of OpenCA. Every part can be separately switched off and on. CHANNEL is completely optional, IDENT is optional but required if ACL is used and ACL is optional.
Michael
--
-------------------------------------------------------------------
Michael Bell Email (private): [EMAIL PROTECTED]
Rechenzentrum - Datacenter Email: [EMAIL PROTECTED]
Humboldt-University of Berlin Tel.: +49 (0)30-2093 2482
Unter den Linden 6 Fax: +49 (0)30-2093 2959
10099 Berlin
Germany http://www.openca.org
rbac.tar.gz
Description: application/gunzip
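
The step layout described in the message above, as an added Python illustration (not part of the original mail and not OpenCA code): it enforces the "ACL requires IDENT" dependency, has IDENT return the user itself, does the role mapping inside the ACL step, and writes a log entry after every step. All class, field and role names and the sample data are hypothetical.

```python
import hmac
from dataclasses import dataclass, field

class ConfigError(Exception):
    """Raised for a step combination the design does not allow."""

@dataclass
class AccessControl:
    channel: bool = False  # completely optional
    ident: bool = False    # optional, but required if ACL is used
    acl: bool = False      # optional
    log: list = field(default_factory=list)

    def __post_init__(self):
        if self.acl and not self.ident:
            raise ConfigError("ACL is enabled but IDENT is switched off")

    def check(self, req, secrets, roles, rules):
        """Run the enabled steps in order, logging after each one."""
        user = None
        if self.channel:
            ok = bool(req.get("secure_channel"))
            self.log.append(f"CHANNEL ok={ok}")
            if not ok:
                return False
        if self.ident:
            expected = secrets.get(req.get("login", ""))
            ok = expected is not None and hmac.compare_digest(
                expected, req.get("secret", ""))
            user = req["login"] if ok else None
            # IDENT yields the user itself, so this entry names who was identified.
            self.log.append(f"IDENT user={user}")
            if user is None:
                return False
        if self.acl:
            # Role mapping belongs to the ACL step, not to IDENT.
            role = roles.get(user)
            ok = (role, req["operation"]) in rules
            self.log.append(
                f"ACL user={user} role={role} op={req['operation']} ok={ok}")
            return ok
        return True

# Constructed sample data (hypothetical users, roles and operations).
SECRETS = {"alice": "s3cret", "bob": "hunter2"}
ROLES = {"alice": "ra_operator", "bob": "user"}
RULES = {("ra_operator", "approve_request"), ("user", "view_cert")}
```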
