Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

attribute based access control #109

Open
chicco785 opened this issue May 10, 2022 · 2 comments
Open

attribute based access control #109

chicco785 opened this issue May 10, 2022 · 2 comments
Assignees
@chicco785 @Cerfoglg
Labels
design enhancement New feature or request
Milestone
1.0

Comments

@chicco785
Copy link
Contributor

Is your feature request related to a problem? Please describe.

Currently, by implementing the WAC standard profile,
anubis supports only RBAC. While not formalized, the specs discuss the possibility to use ODRL to express obligations required to be met by agents prior to accessing a resource cf. authorization-extensions section in WAC spec

We could define the extension as

    oc-acl:constraint     a rdf:Property;
         :comment "The information resource to which access is being granted.";
         :domain acl:Authorization;
         :label "Has Constraint"@en;
	rdfs:range [
		a owl:Class ;
		owl:unionOf ( odrl:Constraint odrl:LogicalConstraint ) ;
	] .

to allow acl rules to have constraints.

oc-acl:constraint [
                odrl:leftOperand ? ;
                odrl:operator odrl:isA ;
                odrl:rightOperand ?
              ]

Describe the solution you'd like
A clear and concise description of what you want to happen.

Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.

Additional context
Add any other context or screenshots about the feature request here.
@chicco785 chicco785 added the enhancement New feature or request label May 10, 2022
@chicco785 chicco785 added this to the 0.4 milestone May 16, 2022
@chicco785
Copy link
Contributor Author

the language is documented in https://github.com/orchestracities/anubis-vocabulary

@chicco785
Copy link
Contributor Author

we need to decide in a next release how to implement this in the backend

@chicco785 chicco785 modified the milestones: 0.4, 0.6 Jun 9, 2022
@chicco785 chicco785 modified the milestones: 0.6, 0.7 Jul 4, 2022
@chicco785 chicco785 modified the milestones: 0.7, 1.0 Oct 21, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@chicco785 chicco785

@Cerfoglg Cerfoglg

Labels
design enhancement New feature or request
Projects
None yet
Milestone
1.0
Development

No branches or pull requests
2 participants
@chicco785 @Cerfoglg