Excerpt |
---|
Authorization management is necessary because all clients/systems operating within a given SLA may not be allowed to have equal access to data |
User and role modelling
Authorization is managed on the SLA level. Each connecting system/client may be assigned an identity (a user) having a number of roles, corresponding to the different operations in the bit repository. Each identity is assigned a certificate, which may be revoked in case it is compromised.
...