Jan Schoonderbeek: start

2012-11-11T23:22:21Z

start

New page

{{Maturity|2}}
{{Pageheaderbox4BBT
|name=Permission Register
|WorkingArea=Middleware (MW)
|version=0.21
|owner=J.A.H. Schoonderbeek
}}
It offers a means to store and publish permissions (technical representations of business rules about infrastructural actions like reading or writing information). It usually accompanies a [[BT.Permission Validation|Permission Validation]] facility.<br>
Note that permissions most often cannot be written in a standard format; thus, the capabilities of a Permission Register with respect to the kinds of permissions it can handle are hard-coded. This means that if a Permission Register (and Permission Validation) facility is positioned in an infrastructure landscape to authorize access to a set of resources, it cannot automatically be assumed fit to also authorize access to a new, different set of resources. E.g. a Permission Register that holds access control lists for web addresses cannot be assumed to also be able to hold access control lists to modules of a specific business application.

Permission Register is modelled separately from Permission Validation for two major reasons:
* to account for the security aspects (both in the sense that a Permission Register itself must be properly secured, and that positioning a Permission Register in an infrastructure overview serves as a focal point for security considerations), and
* because the permissions that can be stored in a particular Permission Register instance are inherently limited to a specific set of actions (as described above).
{{FunctionIcon
|image=Icon BBT Permission Register.png
}}
{{BBT Text Footer}}

BT.Permission Register - Revision history

Jan Schoonderbeek: start