accumulo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Edmon Begoli <ebeg...@gmail.com>
Subject Role label grammar
Date Mon, 13 Aug 2012 19:26:13 GMT
Folks,

These are just some thoughts inspired by our discussion on user list
and the multi-level representation for labels.

What do you think if role labels could have embedded, interpretable,
simple micro-grammar structure
that if present could be used to augment the role label semantics with
additional meaning - e.g. place, time, relationship.

For example:

if regular label is followed by :

:read:4294967295 or  read:4294967295-4294967312

this would mean that this role label is effective between these timestamps.

We could further expand the grammar to include some of the simple and
easily verifiable conventions.

for instance label:

administrator@tn

could mean that this is a role of an administrator but effective only
for the state of Tennessee.

= could mean "is"

read=administrator@tn

Would indicate read privileges at the admin level at Tennessee.

--
Edmon

Mime
View raw message