[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Re: Blended Authentication (AKA "Granular Access Control")
Jeff Greif wrote: > The "cartelization" being described makes Joe authenticate himself with System > A, in order to use the trust relationship between System A and System B to > examine your medical records (after System B verifies that System A has a > right to look at your records because it represents the designated insurance > provider). Is there something nefarious about this? Would you prefer it if > Joe could access your records without this level of security? Hi Jeff. Questions of whether this is nefarious I shall leave to others. The question of whether this is cartelization, however, you seem to have answered yourself with this very example. As you illustrate, Systems A and B have apportioned between themselves, and between themselves exclusively, the entire functionality, as they understand it, of authenticating and authorizing users (and the very term 'trust relationship' which you use has equally, and ambiguously, both the meanings 'mutual reliance' and 'collusion in cartel' [as criminalized by the antitrust laws]). Your example demonstrates a priori agreement on a) the full scope of the functionality involved; b) the comprehensive list of participants who will execute any of that functionality; and c) the precise division of that functionality between the identified participants. Those three criteria define cartelization. I would ask you to contrast that cartelization with the truly distributed functionality which I propose, in which no process executes its functions in anticipation of how, or by what process its output or data product will be next used, nor to what purpose. Your System A acts in specific anticipation of how Joe will use the outcome of the authentication process to gain access to the specifically understood relationship between System A and System B. Designed as truly autonomous, distributed processes ('web services') System A, proxying for the health insurance provider, would make data which it publishes available to Joe solely because of who Joe is with respect both to System A and to the data he seeks, just as System B would make its particular output available to him. For purposes of the transaction which Joe synthesizes in this instance, the nexus between Systems A and B is not a priori, but is specific to this instance and is established by this identifiable, isolatable, auditable act of Joe's. Instead of Joe as supplicant before the public interface presented by one process of the cartel, hoping that he can summon its functionality by incanting the required form, Joe is instead the prime mover of a particular transaction, the input data needs of which he satisfies by doing simple GETs of the published outputs of RESTful nodes, and then synthesizing that data through his particular expertise into a unique transaction. Respectfully, Walter Perry
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|