Approach

• Local policies: ACLs

• Distributed policies: credentials

• An optional condition field is added to ACLs and credentials

- conditions in credentials are evaluated in addition

to the conditions in the matching ACL entries

• Generic Authorization and Access control API (GAA API)

- gaa_get_object_acl

- gaa_check_authorization

• GAA API Security Context

Previous slide

Next slide

Back to first slide

View graphic version