
[2600] action item 480 - referring to ownership of documents in rules about function data



At the Lexington meeting (see comment #96 in
http://grouper.ieee.org/groups/2600/comment-tracking/P2600X_2008_10_v02.pdf),
I identified a potential issue in the access control rules for D.FUNC.

For example, in 10.4, the Common Access Control SFP rule for D.FUNC says
that U.NORMAL cannot modify or delete D.FUNC "except for his/her own
documents". The potential issue is that a user may be performing an
operation on a document that is owned by another user, such as
retrieving (with permission to do so) a document from a
storage/retrieval system. The user performing the operation owns the
function data associated with the retrieval job, but does not own the
document or the function data associated with the document.

I had proposed that we change such rules from "except for his/her own
documents" to "except for his/her own jobs". However, Helmut Kurth
pointed out that we would need to define an entity "job", rules
associated with its ownership, etc., so it was not such a simple change.
I agree with that.

I think that it might be acceptable and much easier if we change the
rules to say "except for his/her own function data". This would be
consistent with the rules for D.DOC which say "except for his/her own
documents".

Before I submit this as a comment against the current draft, I would
like to open it up for discussion on this email list (as promised).

What do you all think? Is there an issue with having rules for D.FUNC
that are stated in terms of ownership of documents? If so, would stating
it in terms of ownership of function data be a good resolution to the issue?

-- 
Regards,
Brian Smithson
Project Manager, Security Research
PMP, SSCP, CISSP, CISA, ISO 27000 PA
Advanced Imaging and Network Technologies
Ricoh Americas Corporation
(408)346-4435
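
The two wordings discussed in the message above, modelled as an added example that is not part of the original e-mail or of the P2600 draft. It evaluates the U.NORMAL modify/delete rule for D.FUNC under each wording for the storage/retrieval scenario. The class names, user names and the reading of "his/her own documents" as a document-owner test are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Document:              # stands in for D.DOC (hypothetical model)
    doc_id: str
    owner: str

@dataclass(frozen=True)
class FunctionData:          # stands in for D.FUNC (hypothetical model)
    func_id: str
    owner: str               # user whose job created this function data
    document: Document       # document the job operates on

def allowed_by_document_wording(user: str, fd: FunctionData) -> bool:
    # Assumed reading of 'except for his/her own documents':
    # the decision is keyed on who owns the document.
    return fd.document.owner == user

def allowed_by_function_data_wording(user: str, fd: FunctionData) -> bool:
    # Proposed 'except for his/her own function data':
    # the decision is keyed on who owns the function data itself.
    return fd.owner == user

def disagreements(users, items):
    """Return (user, func_id) pairs where the two wordings decide differently."""
    return [
        (u, fd.func_id)
        for u in users
        for fd in items
        if allowed_by_document_wording(u, fd)
        != allowed_by_function_data_wording(u, fd)
    ]

# Constructed scenario: alice stores a document, bob retrieves it with permission.
stored = Document("doc-1", owner="alice")
store_job = FunctionData("fd-store-alice", owner="alice", document=stored)
retrieve_job = FunctionData("fd-retrieve-bob", owner="bob", document=stored)

if __name__ == "__main__":
    for user, func_id in disagreements(["alice", "bob"], [store_job, retrieve_job]):
        print(f"{user} / {func_id}: wordings disagree")
```

Both disagreements involve the retrieval job's function data: under the document wording bob cannot modify or delete it although he owns it, while the document owner can.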