Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add authorisation definition and checking services #406

Open
6 of 9 tasks
amedranogil opened this issue Jun 2, 2017 · 0 comments
Open
6 of 9 tasks

add authorisation definition and checking services #406

amedranogil opened this issue Jun 2, 2017 · 0 comments

Comments

@amedranogil
Copy link
Member

amedranogil commented Jun 2, 2017

Originally Opened: @amedranogil (2014-05-29 16:41:53)

Authorisation mechanisms are needed by many applications, whether it is to define who can read (or write) what data, or to consult if certain data item is accessible by any given user.

These mechanisms have to be supported in universAAL. The platform must be able to support all these applications, and if possible, it should use these mechanisms within the platform to increase the overall security.

The preliminary ontology to support access control of users to assets (the objects that may have restricted access), is shown in the attached image. Roles are a mechanism to manage the access rights in an optimal way.

Roadmap:

  • refine the ontology
  • Define services for:
    • checking the access rights of any given user to any given asset
    • managing roles
    • managing Acess Rights per role
    • delegating Roles
  • Develop a tool to manage the roles (and access rights per role) intuitively.
  • Ensure the storage of the security profiles, roles, access rights and default access for assets is secure and can not be read by un-authorised modules. CHe must ensure open SPARQL queries (and other queries) are restricted to assets that the user has access to.
  • Ensure the CHe queries may not change the access rights unless issued by authorised users.

--

From: this issue has been automatically imported from our old issue tracker

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

1 participant