Jean-Sebastien Delfino wrote:
[snip]
I'll propose a scenario in a separate email.
Here it goes:
- We have support for SCA security policies.
- We have a Bigbank application.
- A bank application should be secure.
Looks like a perfect fit to me.
Going through a real world like scenario and trying and showing how to
use SCA policies in an application like Bigbank will help our users
understand how to use policies. It will also help us improve what we
have, mature our policy story and provide feedback to the spec if necessary.
To make it real, I'd suggest to look at the Bigbank application and
first think about where it'll make business sense to apply
authentication, confidentiality, integrity or nothing.
To make the scenario a little more interesting we could split checking
and savings account management in two divisions of the Bank running
different composites. We'll then have to consider:
- exchanges within a department
- exchanges across departments
- exchanges with the outside world
...with different security requirements for each.
--
Jean-Sebastien
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
