jsr375-experts@javaee-security-spec.java.net

[jsr375-experts] Re: JSR 351 Identity API Status?

From: Werner Keil <werner.keil_at_gmail.com>
Date: Wed, 13 May 2015 15:32:05 +0100

Ron/all

You may have heard, that except for JSR 350 (State Management which also
failed to produce an EDR or similar notable output) all renewal or other
ballots passed this week. Including 351. Some notable concerns raised were
available resources and time of the Spec Leads. Even a few who voted "Yes"
or abstained mentioned a possible "Open Source PoC" could be better.

Looking at possible synergies for JSR 375 especially some sort of
"attribute sub-system" among other areas that 351 may provide to 375 or
other Security frameworks, would it be possible to communicate between both
JSRs and Spec Leads, especially since all of you work for Oracle after all,
it should make it even a bit easier.

Being fairly Maven enabled and on Git already, I guess Nobis could also be
of use to some of the JSR 375 Security Proposals and vice versa.
I noticed, the Nobis wiki https://java.net/projects/nobis/pages/Home still
said it's licensed under Apache 2.0, but POMs pretty much all look like
Glassfish ones, so that must be some legacy intent (before e.g. Jim and
Oracle Legal started to oppose Apache, especially for platform relevant
JSRs;-)

Regards,

Werner

On Thu, May 7, 2015 at 1:20 PM, Ron Monzillo <ron.monzillo_at_oracle.com>
wrote:

>
>
> On 5/7/15 6:15 AM, Werner Keil wrote:
>
> Ron/all,
>
> Looking at existing elements of JSR 351 you also highlighted like
>
> https://identity-api-spec.java.net/nonav/1.0/apidocs/javax/security/identity/provider/AttributeProvider.html#getAttributeLookupService()
>
> https://identity-api-spec.java.net/nonav/1.0/apidocs/javax/security/identity/provider/AttributeProvider.html#getAttributeUpdateService()
>
> it is safe to assess, a key focus of JSR 351 in EDR stage was
> "Attribute-Based Access Control" (ABAC)
>
> Beside commercial vendors, e.g. below, standard bodies like NIST have
> dealt with the matter for some time:
> http://en.wikipedia.org/wiki/Attribute-based_access_control
>
> I guess there are certainly things in 351 beneficial to the cause if the
> Renewal Ballot passed and 351 was allowed to continue.
>
> Regards,
>
> Werner
>
>
> Thanks Werner, and you are correct that providing attributes for ABAC
> has been an important driver for the API.
>
> Hopefully the renewal ballot will pass, and thanks for your support.
>
> Ron
>
>
>
> *Sent:* Thursday, 07 May 2015 at 11:50
> *From:* Axiomatics <marketing_at_axiomatics.com>
> *To:* "Werner Keil" <werner_at_catmedia.us>
> *Subject:* [Infographic]: Why you should shift to Attribute-based Access
> Control
>
> What
> can Attribute-based Access Control do for you? Check out this infographic
> to ease the pain.
>
> From the board room to the database administrator - we're all being kept
> up by the threat of sensitive data getting into the wrong hands. We've all
> got different reasons for this - sometimes it's compliance, sometimes it's
> fraud. Whatever the driver - enterprises and government agencies alike know
> that data access control is paramount to a business' data security goals.
> Now, many of these organizations are making the shift to externalized
> authorization and fine-grained access control.
> You've probably heard about ABAC - but maybe you're overwhelmed by it.
> Read on to find out how making the shift to this approach can help you meet
> your IT security goals.
>
>
> For more information about Axiomatics visit our website www.axiomatics.com
> or send an email to info_at_axiomatics.com.