Return-Path: 
 <dev-return-5688-apmail-stanbol-dev-archive=stanbol.apache.org@stanbol.apache.org>
X-Original-To: apmail-stanbol-dev-archive@www.apache.org
Delivered-To: apmail-stanbol-dev-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 64A95F825
	for <apmail-stanbol-dev-archive@www.apache.org>;
 Mon,  8 Apr 2013 10:11:14 +0000 (UTC)
Received: (qmail 94068 invoked by uid 500); 8 Apr 2013 10:11:14 -0000
Delivered-To: apmail-stanbol-dev-archive@stanbol.apache.org
Received: (qmail 94019 invoked by uid 500); 8 Apr 2013 10:11:13 -0000
Mailing-List: contact dev-help@stanbol.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@stanbol.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@stanbol.apache.org>
List-Post: <mailto:dev@stanbol.apache.org>
List-Id: <dev.stanbol.apache.org>
Reply-To: dev@stanbol.apache.org
Delivered-To: mailing list dev@stanbol.apache.org
Received: (qmail 93547 invoked by uid 99); 8 Apr 2013 10:11:12 -0000
Received: from minotaur.apache.org (HELO minotaur.apache.org) (140.211.11.9)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 08 Apr 2013 10:11:12 +0000
Received: from localhost (HELO mail-ee0-f45.google.com) (127.0.0.1)
  (smtp-auth username bdelacretaz, mechanism plain)
  by minotaur.apache.org (qpsmtpd/0.29) with ESMTP;
 Mon, 08 Apr 2013 10:11:12 +0000
Received: by mail-ee0-f45.google.com with SMTP id c50so1446006eek.4
        for <dev@stanbol.apache.org>; Mon, 08 Apr 2013 03:11:11 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.14.207.200 with SMTP id n48mr34826884eeo.4.1365415871063;
 Mon, 08 Apr 2013 03:11:11 -0700 (PDT)
Received: by 10.223.69.12 with HTTP; Mon, 8 Apr 2013 03:11:10 -0700 (PDT)
Date: Mon, 8 Apr 2013 12:11:10 +0200
Message-ID: 
 <CAEWfVJn4Jm-N6XwKLiB1sFPX3+YrzYvMT_tv9R6ehHGbkY0-ug@mail.gmail.com>
Subject: It's not security, but rather multi-user vs. single-user Stanbol
From: Bertrand Delacretaz <bdelacretaz@apache.org>
To: dev@stanbol.apache.org
Content-Type: text/plain; charset=UTF-8

Hi,

I'm trying to understand the disconnect that we're seeing in the
security discussions...isn't that more about the following two modes
of using Stanbol?

Single user Stanbol:
A stateless engine that's accessed by trusted systems, which are
supposed to handle security and access control by themselves

Multi-user Stanbol:
An engine that's accessed by non-trusted users and might store their
data, so needs security features, user management, etc.

Agreeing on these two usage modes might help us have more constructive
discussions, IMO, about features that multi-user requires but
single-user doesn't even want to see.

-Bertrand