BT.Permission Register

From OIAr Archive 2013
Revision as of 00:22, 12 November 2012 by Jan Schoonderbeek (talk | contribs) (start)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
Informational
Informational
Page maturity
This page has maturity level 2 (young)

This is a Building Block document

Document icon BT Permission Register Version: 0.21 OIAr logo
Document type: Building Block Type Owner:

J.A.H. Schoonderbeek


Informational
Informational
Create commentary

Description

This Building Block Type belongs to Working Area Middleware (MW). It offers a means to store and publish permissions (technical representations of business rules about infrastructural actions like reading or writing information). It usually accompanies a Permission Validation facility.
Note that permissions most often cannot be written in a standard format; thus, the capabilities of a Permission Register with respect to the kinds of permissions it can handle are hard-coded. This means that if a Permission Register (and Permission Validation) facility is positioned in an infrastructure landscape to authorize access to a set of resources, it cannot automatically be assumed fit to also authorize access to a new, different set of resources. E.g. a Permission Register that holds access control lists for web addresses cannot be assumed to also be able to hold access control lists to modules of a specific business application.

Permission Register is modelled separately from Permission Validation for two major reasons:

  • to account for the security aspects (both in the sense that a Permission Register itself must be properly secured, and that positioning a Permission Register in an infrastructure overview serves as a focal point for security considerations), and
  • because the permissions that can be stored in a particular Permission Register instance are inherently limited to a specific set of actions (as described above).

Icon

The icon below can be used to represent this infrastructure function in graphical Pattern representations that it might be part of:

Icon for this function
Icon for this function


Variants of this Building Block Type

The following variants of this function have been defined:

Semantic query
Semantic query

No Pattern Variants based on this Pattern Type (yet)


Pattern Types using this Building Block Type

The following Pattern Types use this function:

Semantic query
Semantic query
Pattern VariantBrief DescriptionOwnerMaturity
PAT.Authentication+AuthorizationAuthentication & AuthorizationJ.A.H. Schoonderbeek3