accumulo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher <ctubb...@apache.org>
Subject Re: User authorizations in accumulo
Date Tue, 17 Feb 2015 07:04:19 GMT
On Mon, Feb 16, 2015 at 7:26 PM, Srikanth Viswanathan <srikanthv2@gmail.com>
wrote:
[snip]

> I will try to summarize my updated understanding of the issue based on
> your replies:
>
[snip]

Do let me know if my observation above has any inaccuracies.
>
>
Seems reasonable.


> As a side note, it did help me a lot to think about visibilities as
> *data classifications* rather than visibilities, considering that
> there are so many similar-sounding terms in the Accumulo security
> model (authentication, permissions, authorization, ...)
>
> [snip]

Not trying to confuse this point any further, but I think of the
table/system permissions as coarse-grained RBAC, and the visibilities (data
classifications) as either ABAC or fine-grained RBAC, depending on your
data model. It sounds like using them as RBAC is perfectly reasonable for
your situation.

--
Christopher L Tubbs II
http://gravatar.com/ctubbsii

Mime
View raw message