directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r927050 - in /websites/staging/directory/trunk/content: ./ fortress/user-guide/1.3-what-rbac-is.html
Date Mon, 27 Oct 2014 15:41:22 GMT
Author: buildbot
Date: Mon Oct 27 15:41:22 2014
New Revision: 927050

Log:
Staging update by buildbot for directory

Modified:
    websites/staging/directory/trunk/content/   (props changed)
    websites/staging/directory/trunk/content/fortress/user-guide/1.3-what-rbac-is.html

Propchange: websites/staging/directory/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Mon Oct 27 15:41:22 2014
@@ -1 +1 @@
-1634562
+1634577

Modified: websites/staging/directory/trunk/content/fortress/user-guide/1.3-what-rbac-is.html
==============================================================================
--- websites/staging/directory/trunk/content/fortress/user-guide/1.3-what-rbac-is.html (original)
+++ websites/staging/directory/trunk/content/fortress/user-guide/1.3-what-rbac-is.html Mon
Oct 27 15:41:22 2014
@@ -177,23 +177,33 @@
 <ul>
 <li>ANSI INCITS 359-2001, <a href="http://profsandhu.com/journals/tissec/ANSI+INCITS+359-2004.pdf">http://profsandhu.com/journals/tissec/ANSI+INCITS+359-2004.pdf</a>
- The ANSI specification describes RBAC and provides functional specifications in Z-notation.
 </li>
 </ul>
-<p><img alt="ANSI RBAC Specification" src="images/ANSIRBAC-Spe.png" /></p>
+<p><CENTER>
+<img alt="ANSI RBAC" src="images/ANSIRBAC-Spe.png" />
+</CENTER></p>
 <ul>
 <li>RBAC0 - Users, Roles, Permissions (Objects-Operations), Sessions - Form the Core
of ANSI RBAC.  Role activation and Permissions mapped to Object-&gt;Operation pairing
are key facets of the basic ANSI RBAC model.</li>
 </ul>
-<p><img alt="" src="images/RbacCore.png" /> </p>
+<p><CENTER>
+<img alt="The Core" src="images/RbacCore.png" /> 
+</CENTER></p>
 <ul>
 <li>RBAC1 - Hierarchical Roles - Encourages proper role engineering.  Parent roles
are Business Roles while child roles map to IT Roles.  Role hierarchies should be many-to-many
or multi-inheritance.</li>
 </ul>
-<p><img alt="" src="images/RbacHier.png" /> </p>
+<p><CENTER>
+<img alt="Hierarchical RBAC" src="images/RbacHier.png" /> 
+</CENTER></p>
 <ul>
 <li>RBAC2 - Static Separation of Duties - Used to limit the privilege of users to within
normal boundaries.  SSD constraints are applied at role assignment time.</li>
 </ul>
-<p><img alt="" src="images/RbacSSD.png" /> </p>
+<p><CENTER>
+<img alt="Static Separation of Duties" src="images/RbacSSD.png" /> 
+</CENTER></p>
 <ul>
 <li>RBAC3 - Dynamic Separation of Duties - Enforces constraints on what functions may
used together at any point in time.  DSD constraints may be used to enforce strict controls
during multi-step approval processes.  DSD constraints are applied at role activation time.</li>
 </ul>
-<p><img alt="" src="images/RbacDSD.png" /> </p>
+<p><CENTER>
+<img alt="Dynamic Separation of Duties" src="images/RbacDSD.png" /> 
+</CENTER></p>
 <ul>
 <li>
 <p>Well defined APIs that can be shared across projects and application development
teams.</p>



Mime
View raw message