## Action = Action Fedora XACML Evaluation = ## The persons assigned to the action Assigned:: BAM+KFC ## The persons that previously worked on this action Prev assigned:: ## The tasks from the WBS that are adressed by this action Tasks adressed:: [[TaskA]], [[TaskA.5]], [[TaskD.7]] ## The time estimated for this action Time estimated:: 4md ## The time used for this action so far Time used:: 3md ## The priority of this action. 1-9 Priority:: 1 ## The status of this action, legal values are 'Not started', 'In progress' and 'Finished' Status:: Finished ## The iteration that this actions belongs to Iteration:: 10 ## Notes about this action, that should be viewable on other pages Notes:: Evaluate if the Fedora XACML authorization system is sufficient for DOMS ## Detailed description of wanted output from the work to be carried out. ## E.g. Implement a utility class for writing data to a disk. The data must be base64 encoded before being written. == Description == To evaluate the Fedora XACML authentication system in relation to DOMS, we need to 1. find and read available material, . [[http://www.fedora-commons.org/documentation/3.0b1/userdocs/server/security/AuthorizationXACML.htm|Fedora Authorization with XACML Policy Enforcement]] . [[http://www.fedora-commons.org/documentation/3.0b1/userdocs/server/security/XACMLPolicyGuide.htm|Fedora XACML Policy Writing Guide]] . [[http://www.fedora-commons.org/documentation/3.0b1/userdocs/server/security/securingrepo.html|Securing Your Fedora Repository]] . [[http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml|OASIS eXtensible Access Control Markup Language (XACML) TC]] 1. do a small-scale test, . testing has been postponed to a later action 1. decide whether to recommend XACML as an option for DOMS and . the decision is to recommend Fedora authorization with XACML Policy Enforcement though with reservations a. we still need a test of the Fedora XACML authorization system a. and we still need an analysis of the DOMS authorization requirements to determine whether these can be met by Fedora XACML authorization 1. write a brief summary to document the decision: . [[FedoraXACML Evaluation Summary]] If we decide that XACML is an option, we will need a large-scale test, but this will be a new action. == Progress == * Wrote description + suggested priority and time estimate. Will ask KFC for quick review. -- [[bam]] <> * Updated list of tasks addressed, replaced link to XACML framework to the documentation for Fedora 3.0 beta. -- [[kfc]] <> * Updated description, decision + summary. -- [[bam]] <> * Closed action. -- [[bam]] <> == Checklist For Working On An Action == Please make sure that you address the below issues, when working on an action: * Update the state of the action to "In Progress" when you start working on it. * Check if the tasks addressed by this action have their status set to "In Progress". If that is not the case, then change the state of them. * Keep track of how much time that has been spent working on the action. If it addresses more than one task, then make a note on the action page about how much of the elapsed time that has been spent on the individual tasks. '''Hint:''' Continually updating the "Time used" field will make it easier for you. * Update the "Progress History" and documentation pages of each task addressed by this action when appropriate. This depends on the situation, but in general, the task pages should hold all important related information about the work done, experiences gathered, identified requirements and so on. * When finishing the action, change the status to "Finished" and update the "time used" field on the action page.