[484] in WWW Security List Archive
Re: Barring Bros Was:Re: SLL protocol implementation ?
daemon@ATHENA.MIT.EDU (Mary Ellen Zurko)
Wed Mar 1 01:18:18 1995
From: zurko@osf.org (Mary Ellen Zurko)
To: www-security@ns2.rutgers.edu
Date: Tue, 28 Feb 95 12:53:54 EST
Cc: zurko@osf.org (Me)
In-Reply-To: <95Feb28.120626+0900_met.63660-2+4@dxal18.cern.ch>; from "Phillip M. Hallam-Baker" at Feb 28, 95 12:06 (noon)
Reply-To: www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
> Practical Model:
>
> Real stock markets are more complex. Particularly with respect to selling
> options where the losses are open ended. The set of attributes must be
> determined to fit. The key point is that the attribute set must be given a fixed
> semantics by all the parties. There are two main options here :-
>
> 1) The stock market board sets the attribute semantics.
>
> 2) Each company may define their own semantics.
>
> (1) is easiest to implement, (2) is easiest to administer. What is actually
> needed is a set of Meta semantics which allow the creation of a semantics which
> fits the application.
Just where are the semantics encoded? Some sort of default
authorization engine? Some standard set of operations, and a function
involving those ops, attribute values, and values associated with the
request to be processed?
Mez