I've been debating with some folks about the best method circulating policy restrictions in SROS for enforcing access control. The two of them so far are:
* Decentralized
* Certificate Embedding
* Centralized
* Online Arbiter
I'd like to invite the rest of the community to put forth their own opinion, and so I have started a short wiki entry expanding upon the approaches. Please feel free to reply with your remarks here and/or concisely clarify the comparison on the wiki as you see them:
http://wiki.ros.org/SROS/Concepts/PolicyDissemination
To be honest I'll admit my bias for Certificate Embedding.
Not only is this what I've developed in SROS so far, but I also see it as:
* More Secure
* Harder to circumvent or exploit
* Less Invasive
* Modification can be kept out of client library
* Autonomous
* Access control is self contained and validated in TLS
But don't be afraid to play devil's advocate.
---
[Visit Topic](
http://discourse.ros.org/t/developing-with-sros/861/9) or reply to this email to respond.
If you do not want to receive messages from ros-users please use the unsubscribe link below. If you use the one above, you will stop all of ros-users from receiving updates.
______________________________________________________________________________
ros-users mailing list
ros-users@lists.ros.org
http://lists.ros.org/mailman/listinfo/ros-users
Unsubscribe: <
http://lists.ros.org/mailman//options/ros-users>