[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Re: Blended Authentication (AKA "Granular Access Control")
Chiusano Joseph wrote: > I have a question regarding security, particularly authentication and access > control. [snip] > The concept is this: authentication of not only a user for access control to > a resource, but a combination of the user *and* a resource - i.e. "blended > authentication". Once again we have a suggestion which is profoundly inimical to the nature of XML and to the benefit which XML might provide for the interoperability of processes predicated on non-congruent understandings of similar data. Authenticating a user for access to particular data only within a given context means authenticating that user only for someone else's preconception or prejudice regarding how that data is to be used or processed. The effect of such discrimination is to prevent the uniquely useful processing of data with a particular expertise precisely because the creator or custodian of that data did not comprehend that expertise a priori and was therefore not competent itself to render that particular benefit in processing. Quite simply, obviating in the name of security the uniquely useful benefits which truly expert processing confers is the choice of a known stupidity over an as yet undiscovered enlightenment. Respectfully, Walter Perry
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|