Changes between Version 3 and Version 4 of TIEDABACDemo
- Timestamp:
- 07/10/09 12:28:50 (15 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
TIEDABACDemo
v3 v4 37 37 [[Image(Creds.png)]] 38 38 39 The image above points out that each arrow maps into an ABAC credential: an element that can be used in a proof. Because each of these is a signed assertion of a fact or delegation of authority, walking the arrows to an attribute corresponds to collecting those signed credentials, which establishes a trust relationship. ABAC credentials allow principals to negotiate directly about what they consider adequate proof.39 The image above shows how to walk the chain of attribute assignments and delegations to prove a principal has a given attribute. In this case, it shows that Ted has the GOP.demo attribute. It also points out that each arrow maps into an ABAC credential: an element that can be used in a proof. Because each of these is a signed assertion of a fact or delegation of authority, walking the arrows to an attribute corresponds to collecting those signed credentials, which establishes a trust relationship. ABAC credentials allow principals to negotiate directly about what they consider adequate proof.